Executive Summary
| Summary | |
|---|---|
| Title | New fail2ban packages fix denial of service |
| Informations | |||
|---|---|---|---|
| Name | DSA-1456 | First vendor Publication | 2008-01-09 |
| Vendor | Debian | Last vendor Modification | 2008-01-09 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 6.8 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address. For the unstable distribution (sid), this problem has been fixed in version 0.8.0-4. For the stable distribution (etch), this problem has been fixed in version 0.7.5-2etch1. The old stable distribution (sarge) doesn't contain fail2ban. We recommend that you upgrade your fail2ban package. |
Original Source
| Url : http://www.debian.org/security/2008/dsa-1456 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:20312 | |||
| Oval ID: | oval:org.mitre.oval:def:20312 | ||
| Title: | DSA-1456-1 fail2ban | ||
| Description: | Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1456-1 CVE-2007-4321 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | fail2ban |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:7874 | |||
| Oval ID: | oval:org.mitre.oval:def:7874 | ||
| Title: | DSA-1456 fail2ban -- programming error | ||
| Description: | Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address. The old stable distribution (sarge) doesn't contain fail2ban. For the stable distribution (etch), this problem has been fixed in version 0.7.5-2etch1. For the unstable distribution (sid), this problem has been fixed in version 0.8.0-4. We recommend that you upgrade your fail2ban package. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1456 CVE-2007-4321 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | fail2ban |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200707-13 (fail2ban) File : nvt/glsa_200707_13.nasl |
| 2008-01-31 | Name : Debian Security Advisory DSA 1456-1 (fail2ban) File : nvt/deb_1456_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 42484 | Fail2ban Crafted Client Version sshd Log File Parsing Arbitrary Host Addition... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2008-01-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1456.nasl - Type : ACT_GATHER_INFO |
| 2007-07-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200707-13.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:27:11 |
|
