PublicDate: 2007-08-14 00:17:00 UTC
Candidate: CVE-2007-4321
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4321
Description:
 fail2ban 0.8 and earlier does not properly parse sshd log files, which
 allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file
 and cause a denial of service by adding arbitrary IP addresses to the sshd
 log file, as demonstrated by logging in via ssh with a client protocol
 version identification containing an IP address string, a different vector
 than CVE-2006-6302.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/fail2ban/+bug/181722

Patches_fail2ban:
 vendor: http://www.debian.org/security/2008/dsa-1456
dapper_fail2ban: ignored (reached end-of-life)
edgy_fail2ban: needed (reached end-of-life)
feisty_fail2ban: needed (reached end-of-life)
gutsy_fail2ban: released (0.8.0-4)
hardy_fail2ban: released (0.8.0-4)
intrepid_fail2ban: released (0.8.0-4)
jaunty_fail2ban: released (0.8.0-4)
karmic_fail2ban: released (0.8.0-4)
devel_fail2ban: released (0.8.0-4)
upstream_fail2ban: needs-triage