PT-2013-3579 · Fail2Ban · Fail2Ban

Nbs System Security Team

·

Publicado

2013-07-01

·

Atualizado

2024-06-15

·

CVE-2013-2178

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions Fail2ban versions prior to 0.8.10
Description The issue arises from improper validation of log messages in certain configuration files, allowing remote attackers to block arbitrary IP addresses by sending specific messages in a request.
Recommendations For versions prior to 0.8.10, update to version 0.8.10 or later to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2013-2178
DSA-2708-1
MGASA-2013-0192
OPENSUSE-SU-2024:10347-1

Produtos afetados

Fail2Ban