Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2007-4321

Published: 14 August 2007

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.

Priority

Unknown

Status

Package Release Status
fail2ban
Launchpad, Ubuntu, Debian
dapper Ignored
(end of life)
edgy Ignored
(end of life, was needed)
feisty Ignored
(end of life, was needed)
gutsy
Released (0.8.0-4)
hardy
Released (0.8.0-4)
intrepid
Released (0.8.0-4)
jaunty
Released (0.8.0-4)
karmic
Released (0.8.0-4)
upstream Needs triage

Patches:
vendor: http://www.debian.org/security/2008/dsa-1456