CVE-2007-4323 - Remote Denial of Service vulnerability in DenyHosts 2.6
Attack vector | NETWORK |
Attack complexity | MEDIUM |
Privileges required | NONE |
Confidentiality impact | PARTIAL |
Integrity impact | PARTIAL |
Availability impact | PARTIAL |
Summary
DenyHosts 2.6 does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6301.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Nessus
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-200710-14.NASL |
description | The remote host is affected by the vulnerability described in GLSA-200710-14 (DenyHosts: Denial of Service) Daniel B. Cid discovered that DenyHosts used an incomplete regular expression to parse failed login attempts, a different issue than GLSA 200701-01. Impact : A remote unauthenticated attacker can add arbitrary hosts into the blacklist, including the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 27049 |
published | 2007-10-15 |
reporter | This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/27049 |
title | GLSA-200710-14 : DenyHosts: Denial of Service |
References
- http://bugs.gentoo.org/show_bug.cgi?id=181213
- http://osvdb.org/42482
- http://secunia.com/advisories/27254
- http://security.gentoo.org/glsa/glsa-200710-14.xml
- http://www.ossec.net/en/attacking-loganalysis.html
- http://www.securityfocus.com/bid/26061
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244943
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37199