CVE-2007-4321

EPSS 12.1%

fail2ban

Published: 8/14/2007Modified: 4/28/2026

Also known as:DEBIAN-CVE-2007-4321

Description

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.

Affected packages (2)

Debian/fail2banfrom 0, < 0.8.0-4
Debian/fail2banfrom 0, < 0.7.5-2etch1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-4321