CVE-2013-2178 — Improper Input Validation in Fail2ban

CWE-20 — Improper Input Validation9 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

0.8%

top 25.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fail2ban Debian Fail2ban

Timeline

PublishedAug 28

Latest updateMay 17

Description

The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/fail2ban< fail2ban 0.8.10-1 (bookworm)

▶Debianfail2ban/fail2ban< 0.8.10-1+3

▶NVDfail2ban/fail2ban0.8.9+35

🔴Vulnerability Details

GHSA

GHSA-4339-77hj-xqhj: The apache-auth↗2022-05-17

▶

OSV

CVE-2013-2178: The apache-auth↗2013-08-28

▶

📋Vendor Advisories

Debian

CVE-2013-2178: fail2ban - The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overf...↗2013

▶

💬Community

Bugzilla

CVE-2013-7177 fail2ban: remote denial of service in cyrus-imap filter↗2014-01-31

▶

Bugzilla

CVE-2013-7176 fail2ban: remote denial of service in postfix filter↗2014-01-31

▶

Bugzilla

CVE-2013-2178 fail2ban: remote denial of service due to apache log parsing issue↗2013-06-12

▶

Bugzilla

CVE-2013-2178 fail2ban: remote denial of service due to apache log parsing issue [epel-all]↗2013-06-12

▶

Bugzilla

CVE-2013-2178 fail2ban: remote denial of service due to apache log parsing issue [fedora-all]↗2013-06-12

▶