PT-2007-4079 · Blockhost · Blockhost
Published
2007-05-18
·
Updated
2017-07-29
·
CVE-2007-2765
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
BlockHosts versions prior to 2.0.3
Description
The issue allows remote attackers to cause a denial of service by adding arbitrary IP addresses to a daemon log file. This is achieved by logging in through ssh using a login name containing certain strings with an IP address, which is not properly handled by a regular expression in the
blockhosts.py script.Recommendations
For versions prior to 2.0.3, update to version 2.0.3 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Blockhost