Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address. The old stable distribution (sarge) doesn't contain fail2ban. For the stable distribution (etch), this problem has been fixed in version 0.7.5-2etch1. For the unstable distribution (sid), this problem has been fixed in version 0.8.0-4. We recommend that you upgrade your fail2ban package.
Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address.
The old stable distribution (sarge) doesn't contain fail2ban.
For the stable distribution (etch), this problem has been fixed in version 0.7.5-2etch4.
For the unstable distribution (sid), this problem has been fixed in version 0.8.0-4.
We recommend that you upgrade your fail2ban package.
MD5 checksums of the listed files are available in the original advisory.