Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fail2ban vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34243
TGstation is a toolset to manage production BYOND servers. In affected versions if a Windows user was registered in tgstation-server (TGS), an attacker could discover their username by brute-forcing the login endpoint with an invalid password. When a valid Windows logon was found...
Tgstation13 Tgstation-server
NA
CVE-2022-38337
When aborting a SFTP connection, MobaXterm before v22.1 sends a hardcoded password to the server. The server treats this as an invalid login attempt which can result in a Denial of Service (DoS) for the user if services like fail2ban are used.
Mobatek Mobaxterm
605
VMScore
CVE-2021-32749
fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 up to and including 0.10.6, and 0.11.0 up to and including 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-who...
Fail2ban Fail2ban
Fedoraproject Fedora 34
Fedoraproject Fedora 35
418
VMScore
CVE-2009-5023
The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban prior to 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/...
Fail2ban Fail2ban 0.4.1
Fail2ban Fail2ban 0.7.4
Fail2ban Fail2ban 0.7.2
Fail2ban Fail2ban 0.1.2
Fail2ban Fail2ban 0.5.0
Fail2ban Fail2ban 0.7.5
Fail2ban Fail2ban 0.7.9
Fail2ban Fail2ban 0.7.1
Fail2ban Fail2ban 0.7.8
Fail2ban Fail2ban 0.5.2
Fail2ban Fail2ban
Fail2ban Fail2ban 0.7.7
Fail2ban Fail2ban 0.8.2
Fail2ban Fail2ban 0.4.0
Fail2ban Fail2ban 0.5.1
Fail2ban Fail2ban 0.8.1
Fail2ban Fail2ban 0.5.3
Fail2ban Fail2ban 0.3.1
Fail2ban Fail2ban 0.8.0
Fail2ban Fail2ban 0.5.4
Fail2ban Fail2ban 0.6.0
Fail2ban Fail2ban 0.5.5
445
VMScore
CVE-2013-7176
config/filter.d/postfix.conf in the postfix filter in Fail2ban prior to 0.8.11 allows remote malicious users to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.
Fail2ban Fail2ban 0.4.1
Fail2ban Fail2ban 0.7.4
Fail2ban Fail2ban 0.7.2
Fail2ban Fail2ban 0.1.2
Fail2ban Fail2ban 0.5.0
Fail2ban Fail2ban 0.7.5
Fail2ban Fail2ban
Fail2ban Fail2ban 0.8.6
Fail2ban Fail2ban 0.7.9
Fail2ban Fail2ban 0.7.1
Fail2ban Fail2ban 0.8.8
Fail2ban Fail2ban 0.8.7
Fail2ban Fail2ban 0.7.8
Fail2ban Fail2ban 0.5.2
Fail2ban Fail2ban 0.7.7
Fail2ban Fail2ban 0.8.7.1
Fail2ban Fail2ban 0.8.2
Fail2ban Fail2ban 0.4.0
Fail2ban Fail2ban 0.5.1
Fail2ban Fail2ban 0.8.1
Fail2ban Fail2ban 0.5.3
Fail2ban Fail2ban 0.3.1
445
VMScore
CVE-2013-7177
config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban prior to 0.8.11 allows remote malicious users to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.
Fail2ban Fail2ban 0.4.1
Fail2ban Fail2ban 0.7.4
Fail2ban Fail2ban 0.7.2
Fail2ban Fail2ban 0.1.2
Fail2ban Fail2ban 0.5.0
Fail2ban Fail2ban 0.7.5
Fail2ban Fail2ban
Fail2ban Fail2ban 0.8.6
Fail2ban Fail2ban 0.7.9
Fail2ban Fail2ban 0.7.1
Fail2ban Fail2ban 0.8.8
Fail2ban Fail2ban 0.8.7
Fail2ban Fail2ban 0.7.8
Fail2ban Fail2ban 0.5.2
Fail2ban Fail2ban 0.7.7
Fail2ban Fail2ban 0.8.7.1
Fail2ban Fail2ban 0.8.2
Fail2ban Fail2ban 0.4.0
Fail2ban Fail2ban 0.5.1
Fail2ban Fail2ban 0.8.1
Fail2ban Fail2ban 0.5.3
Fail2ban Fail2ban 0.3.1
445
VMScore
CVE-2013-2178
The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban prior to 0.8.10 do not properly validate log messages, which allows remote malicious users to block arbitrary IP addresses via certain messages in a request.
Fail2ban Fail2ban 0.4.1
Fail2ban Fail2ban 0.7.4
Fail2ban Fail2ban 0.7.2
Fail2ban Fail2ban 0.1.2
Fail2ban Fail2ban 0.5.0
Fail2ban Fail2ban 0.7.5
Fail2ban Fail2ban 0.8.6
Fail2ban Fail2ban 0.7.9
Fail2ban Fail2ban 0.7.1
Fail2ban Fail2ban 0.8.8
Fail2ban Fail2ban 0.8.7
Fail2ban Fail2ban 0.7.8
Fail2ban Fail2ban 0.5.2
Fail2ban Fail2ban 0.7.7
Fail2ban Fail2ban 0.8.7.1
Fail2ban Fail2ban 0.8.2
Fail2ban Fail2ban 0.4.0
Fail2ban Fail2ban 0.5.1
Fail2ban Fail2ban 0.8.1
Fail2ban Fail2ban 0.5.3
Fail2ban Fail2ban 0.3.1
Fail2ban Fail2ban 0.8.4
668
VMScore
CVE-2012-5642
server/action.py in Fail2ban prior to 0.8.8 does not properly handle the content of the matches tag, which might allow remote malicious users to trigger unsafe behavior in a custom action file via unspecified symbols in this content.
Fail2ban Fail2ban 0.4.1
Fail2ban Fail2ban 0.7.4
Fail2ban Fail2ban 0.7.2
Fail2ban Fail2ban 0.1.2
Fail2ban Fail2ban 0.5.0
Fail2ban Fail2ban 0.7.5
Fail2ban Fail2ban 0.8.6
Fail2ban Fail2ban 0.7.9
Fail2ban Fail2ban 0.7.1
Fail2ban Fail2ban 0.8.7
Fail2ban Fail2ban 0.7.8
Fail2ban Fail2ban 0.5.2
Fail2ban Fail2ban 0.7.7
Fail2ban Fail2ban 0.8.2
Fail2ban Fail2ban 0.4.0
Fail2ban Fail2ban 0.5.1
Fail2ban Fail2ban 0.8.1
Fail2ban Fail2ban 0.5.3
Fail2ban Fail2ban 0.3.1
Fail2ban Fail2ban 0.8.4
Fail2ban Fail2ban 0.8.0
Fail2ban Fail2ban 0.5.4
356
VMScore
CVE-2009-0362
filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote malicious users to cause a denial of service (forced authentication failures) via a crafted reverse-resolved DNS name (rhost) entry that contains a substring that is interpreted as an I...
Fail2ban Fail2ban 0.8.3
685
VMScore
CVE-2007-4321
fail2ban 0.8 and previous versions does not properly parse sshd log files, which allows remote malicious users to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via...
Fail2ban Fail2ban 0.8
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »