CVE-2007-4322

Name of the Vulnerable Software and Affected Versions BlockHosts versions prior to 2.0.4

Description The issue allows remote attackers to cause a denial of service by adding arbitrary IP addresses to a daemon log file. This can be achieved by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string.

Recommendations For versions prior to 2.0.4, update to version 2.0.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the ssh and ftp services to minimize the risk of exploitation. Avoid using usernames or client protocol version identifications that contain IP address strings in the affected services until the issue is resolved.