NA

CVE-2013-2178

Published: 28/08/2013 Updated: 19/09/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban prior to 0.8.10 do not properly validate log messages, which allows remote malicious users to block arbitrary IP addresses via certain messages in a request.

Vendor Advisories

The apache-authconf, apache-nohomeconf, apache-noscriptconf, and apache-overflowsconf files in Fail2ban before 0810 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request ...