Vulnerabilities > CVE-2006-6302 - Remote Denial of Service vulnerability in Fail2Ban
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address.
Vulnerable Configurations
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200702-05.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200702-05 (Fail2ban: Denial of Service) A flaw in the method used to parse log entries allows remote, unauthenticated attackers to forge authentication attempts from other hosts. Impact : A remote attacker can add arbitrary hosts to the block list, denying legitimate users access to a resource. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 24362 |
published | 2007-02-17 |
reporter | This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/24362 |
title | GLSA-200702-05 : Fail2ban: Denial of Service |
code |
|
References
- http://bugs.gentoo.org/show_bug.cgi?id=157166
- http://secunia.com/advisories/23237
- http://secunia.com/advisories/24184
- http://security.gentoo.org/glsa/glsa-200702-05.xml
- http://www.securityfocus.com/bid/21469
- http://www.vupen.com/english/advisories/2006/4877
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30739