
CVE-2007-4321

Published: 14/08/2007 Updated: 31/10/2012
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 685
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

fail2ban 0.8 and earlier versions do not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by injecting arbitrary IP addresses into the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification string that contains an IP address. This is a different vector than CVE-2006-6302.
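As an added illustration (not code from this page or from fail2ban itself), the Python snippet below contrasts a loose sshd failregex that charges the first IP after any "from" in the message with one anchored on the peer address that sshd appends at the end of the line. The log lines are constructed samples modelled on the vector described above; the rule patterns and the `maxretry` threshold are assumptions for the demo.

```python
import re
from collections import Counter

# Constructed sshd log lines (sample data, not taken from the original page).
# Lines 2-4 model the vector the CVE describes: the client's protocol version
# string (attacker-controlled) carries an IP-like token, while the real peer
# address is the one sshd writes last on the line.
SAMPLE_LOG = """\
Aug 14 10:01:02 host sshd[2001]: Did not receive identification string from 198.51.100.7
Aug 14 10:01:03 host sshd[2002]: Bad protocol version identification 'SSH-2.0-x from 203.0.113.9' from 198.51.100.7
Aug 14 10:01:04 host sshd[2003]: Bad protocol version identification 'SSH-2.0-x from 203.0.113.9' from 198.51.100.7
Aug 14 10:01:05 host sshd[2004]: Bad protocol version identification 'SSH-2.0-x from 203.0.113.9' from 198.51.100.7
Aug 14 10:01:06 host sshd[2005]: Failed password for root from 198.51.100.7 port 51234 ssh2
"""

IPV4 = r"(?:\d{1,3}\.){3}\d{1,3}"

# Loose rule (assumed, the kind of pattern this CVE is about): take the first
# IP after the first "from" anywhere in the message, so injected text wins.
LOOSE_RULE = re.compile(r"sshd\[\d+\]: .*?from (?P<host>" + IPV4 + r")")

# Anchored rule (assumed hardening): require the host at the end of the
# message, optionally followed by " port N" and " ssh2", which is where sshd
# records the actual peer address.
ANCHORED_RULE = re.compile(
    r"sshd\[\d+\]: .*\bfrom (?P<host>" + IPV4 + r")(?: port \d+)?(?: ssh2)?$"
)


def extract_hosts(log_text, rule):
    """Return, per matching line, the host that line would be charged to."""
    hosts = []
    for line in log_text.splitlines():
        match = rule.search(line)
        if match:
            hosts.append(match.group("host"))
    return hosts


def ban_candidates(log_text, rule, maxretry=3):
    """Hosts reaching maxretry failures, i.e. what would land in hosts.deny."""
    counts = Counter(extract_hosts(log_text, rule))
    return sorted(host for host, n in counts.items() if n >= maxretry)


if __name__ == "__main__":
    print("loose rule bans:   ", ban_candidates(SAMPLE_LOG, LOOSE_RULE))
    print("anchored rule bans:", ban_candidates(SAMPLE_LOG, ANCHORED_RULE))
```

With the loose rule the never-connected 203.0.113.9 is the one banned, while the anchored rule attributes every failure to the real peer 198.51.100.7.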

Vulnerable Product

fail2ban fail2ban 0.8

Vendor Advisories

Debian Bug report logs - #438187 CVE-2007-4321 remote log injection. Package: fail2ban; Maintainer for fail2ban is Yaroslav Halchenko <debian@onerussian.com>; Source for fail2ban is src:fail2ban (PTS, buildd, popcon). Reported by: Nico Golde <nion@debian.org>. Date: Thu, 16 Aug 2007 01:09:02 UTC. Severity: normal. Tags: ...
Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address. The old stable distribution (sarge) doesn't contain fail2ban. For the stable distribution (etch), this problem has been fixed in version 0.7.5-2etch1. For the ...

Exploits

source: www.securityfocus.com/bid/25117/info. Fail2ban is prone to a remote denial-of-service vulnerability because the application fails to properly ensure the validity of authentication-failure messages. Successfully exploiting this issue allows remote attackers to add arbitrary IP addresses to the block list used by the application. This ...