Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2007-4321 | First vendor Publication | 2007-08-13 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 6.8 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4321 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:20312 | |||
| Oval ID: | oval:org.mitre.oval:def:20312 | ||
| Title: | DSA-1456-1 fail2ban | ||
| Description: | Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1456-1 CVE-2007-4321 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | fail2ban |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:7874 | |||
| Oval ID: | oval:org.mitre.oval:def:7874 | ||
| Title: | DSA-1456 fail2ban -- programming error | ||
| Description: | Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address. The old stable distribution (sarge) doesn't contain fail2ban. For the stable distribution (etch), this problem has been fixed in version 0.7.5-2etch1. For the unstable distribution (sid), this problem has been fixed in version 0.8.0-4. We recommend that you upgrade your fail2ban package. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1456 CVE-2007-4321 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | fail2ban |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200707-13 (fail2ban) File : nvt/glsa_200707_13.nasl |
| 2008-01-31 | Name : Debian Security Advisory DSA 1456-1 (fail2ban) File : nvt/deb_1456_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 42484 | Fail2ban Crafted Client Version sshd Log File Parsing Arbitrary Host Addition... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2008-01-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1456.nasl - Type : ACT_GATHER_INFO |
| 2007-07-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200707-13.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 23:16:34 |
|
| 2024-11-28 12:13:11 |
|
| 2021-05-04 12:06:15 |
|
| 2021-04-22 01:06:48 |
|
| 2020-05-23 00:20:17 |
|
| 2016-06-28 16:49:43 |
|
| 2016-04-26 16:29:04 |
|
| 2014-02-17 10:41:19 |
|
| 2013-05-11 10:34:02 |
|
