PT-2006-6929 · Fail2Ban · Fail2Ban

Tavis Ormandy · Published 2006-12-06 · Updated 2017-07-29 · CVE-2006-6302

CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions: fail2ban versions 0.7.4 and earlier
Description: The issue allows remote attackers to cause a denial of service by adding arbitrary IP addresses to the sshd log file. This can be achieved by logging in via ssh with a login name that contains certain strings including an IP address; fail2ban does not properly parse such entries from the sshd log files and acts on the attacker-supplied address.
Recommendations: For versions 0.7.4 and earlier, consider updating to a newer version that properly parses sshd log files, so that arbitrary hosts cannot be added to the /etc/hosts.deny file. As a temporary workaround, consider restricting access to the sshd log file to minimize the risk of exploitation.
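The parsing weakness behind this advisory, as an added illustration written for this page (it is not fail2ban's own code and the regexes are simplified stand-ins, not the project's real filters): a loose pattern that accepts the first address after "Invalid user" lets text inside the login name decide which host gets banned, while a pattern anchored to the end of the sshd message only ever returns the source address sshd itself appended. The log lines are constructed, not taken from a real system.

```python
import re
from typing import Iterable, Optional, Set

# Constructed sshd log lines. The first is an ordinary failed login; the
# second carries a login name that itself contains "from <address>", the
# injection case this advisory describes.
SAMPLE_LOG = [
    "Dec  6 10:00:01 host sshd[1234]: Invalid user bob from 203.0.113.7",
    "Dec  6 10:00:02 host sshd[1235]: Invalid user admin from 192.0.2.1 from 203.0.113.7",
]

IPV4 = r"(?:\d{1,3}\.){3}\d{1,3}"

# Loose pattern, in the spirit of the flawed behaviour: it stops at the first
# "from <ip>" it sees, which may sit inside the attacker-chosen login name.
LOOSE = re.compile(r"Invalid user .*?from (?P<host>" + IPV4 + r")")

# Hardened pattern: sshd writes the real source address last, so require the
# address to be the final token on the line. The greedy ".*" swallows any
# "from <ip>" text embedded in the login name.
STRICT = re.compile(r"Invalid user .* from (?P<host>" + IPV4 + r")\s*$")


def extract_host(line: str, pattern: re.Pattern) -> Optional[str]:
    """Return the host a ban rule built on `pattern` would pick from one line."""
    m = pattern.search(line)
    return m.group("host") if m else None


def candidate_bans(lines: Iterable[str], pattern: re.Pattern) -> Set[str]:
    """Collect every host the given pattern would hand to the ban action."""
    hosts: Set[str] = set()
    for line in lines:
        host = extract_host(line, pattern)
        if host:
            hosts.add(host)
    return hosts


if __name__ == "__main__":
    # The loose rule would ban an address that never connected; the strict
    # rule bans only the real source of the failed logins.
    print("loose :", sorted(candidate_bans(SAMPLE_LOG, LOOSE)))
    print("strict:", sorted(candidate_bans(SAMPLE_LOG, STRICT)))
```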

Fix

Related Identifiers

CVE-2006-6302

Affected Products

Fail2Ban