CVE-2006-6302: Fail2ban vulnerability

7 documents, 4 sources

Severity
6.8 MEDIUM
NVD: 5.0 | OSV: 5.0

EPSS
1.3% (top 20.39%)
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Dec 6
Latest update: May 1

Description

fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a login name containing certain strings with an IP address.

CVSS vector

AV:N/AC:L/C:N/I:N/A:P (Exploitability: 10.0 | Impact: 2.9)

Affected Packages (3 packages)

debian (debian/fail2ban): < fail2ban 0.8.0-4 (bookworm) +1
Debian (fail2ban/fail2ban): < 0.8.0-4 +3
NVD (fail2ban/fail2ban): 0.7.4 +1

Vulnerability Details (3)

GHSA: GHSA-5jfx-9p58-q8pj: fail2ban 0 (2022-05-01)
GHSA: GHSA-j744-4wh9-3vxg: fail2ban 0 (2022-05-01)
OSV: CVE-2007-4321: fail2ban 0 (2007-08-14)

Vendor Advisories (2)

Debian: CVE-2007-4321: fail2ban - fail2ban 0.8 and earlier does not properly parse sshd log files, which allows re... (2007)
Debian: CVE-2006-6302: fail2ban - fail2ban 0.7.4 and earlier does not properly parse sshd log files, which allows ... (2006)
CVE-2006-6302 — Debian Fail2ban vulnerability | cvebase