CVE-2007-4321

EPSS 12.1%

fail2ban

發布日:2007/8/14修改日:2026/4/28

也稱為:DEBIAN-CVE-2007-4321

描述

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.

受影響套件(2)

Debian/fail2banfrom 0, < 0.8.0-4
Debian/fail2banfrom 0, < 0.7.5-2etch1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-4321