Vulnerabilities > CVE-2006-6301 - Remote Denial of Service vulnerability in Denyhosts 2.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
DenyHosts 2.5 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address, which is not properly handled by a regular expression.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200701-01.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200701-01 (DenyHosts: Denial of Service) Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that DenyHosts used an incomplete regular expression to parse failed login attempts. Impact : A remote unauthenticated attacker can add arbitrary hosts to the blacklist by attempting to login with a specially crafted username. An attacker may use this to prevent legitimate users from accessing a host remotely. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 23990 |
published | 2007-01-08 |
reporter | This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/23990 |
title | GLSA-200701-01 : DenyHosts: Denial of Service |
code |
|
References
- http://bugs.gentoo.org/show_bug.cgi?id=157163
- http://secunia.com/advisories/23236
- http://secunia.com/advisories/23603
- http://security.gentoo.org/glsa/glsa-200701-01.xml
- http://www.securityfocus.com/bid/21468
- http://www.vupen.com/english/advisories/2006/4876
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30761