CVE-2007-4323

Name of the Vulnerable Software and Affected Versions: DenyHosts version 2.6 DenyHosts versions prior to 2.6-r1

Description: The issue allows remote attackers to cause a denial of service by adding arbitrary IP addresses to the sshd log file. This can be achieved by logging in via ssh with a client protocol version identification containing an IP address string. The vulnerability may lead to a disruption of confidentiality, integrity, and availability of protected information.

Recommendations: For DenyHosts version 2.6, update to a version newer than 2.6-r1 to resolve the issue. For DenyHosts versions prior to 2.6-r1, update to a version newer than 2.6-r1 to resolve the issue. As a temporary workaround, consider restricting access to the sshd log file to minimize the risk of exploitation.