PT-2007-6700 · Openssh+1

Published: 2007-10-30 · Updated: 2008-11-15 · CVE-2007-5715

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

DenyHosts version 2.6

Description

DenyHosts 2.6 processes OpenSSH sshd log messages with an incorrect regular expression, which may allow remote attackers to bypass detection when making invalid login attempts with a username that is not listed in AllowUsers. A username such as 'root' that is not present in the AllowUsers configuration is one example.

Recommendations

For DenyHosts version 2.6, consider updating the regular expression used to process OpenSSH sshd log messages so that it correctly matches IP addresses and improves detection of invalid login attempts. As a temporary workaround, closely monitor login attempts and manually block suspicious IP addresses to minimize the risk of exploitation.
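The following Python check is an added example, not DenyHosts code and not part of the original advisory. It runs two pattern sets over constructed sshd log lines to show how a host group that cannot match an IP address hides AllowUsers rejections, and how a coverage check exposes the gap. The weak pattern is hypothetical (the advisory does not quote the real one), and all names, sample lines and addresses are assumptions.

```python
import re
from collections import Counter

# Constructed sshd log lines using documentation address ranges.
SAMPLE_LOG = """\
Oct 30 10:00:01 host sshd[1001]: Invalid user admin from 192.0.2.10
Oct 30 10:00:09 host sshd[1003]: User root from 192.0.2.77 not allowed because not listed in AllowUsers
Oct 30 10:00:15 host sshd[1004]: User root from 192.0.2.77 not allowed because not listed in AllowUsers
Oct 30 10:00:20 host sshd[1005]: Accepted publickey for alice from 198.51.100.5 port 5000 ssh2
"""

PREFIX = r"sshd\[\d+\]: "
SUFFIX = r" not allowed because not listed in AllowUsers$"
INVALID_USER = re.compile(PREFIX + r"Invalid user (?P<user>\S+) from (?P<host>\S+)$")

# Hypothetical weak pattern (assumption): the host group only accepts a name
# starting with a letter, so a dotted-quad IP address never matches.
NOT_ALLOWED_WEAK = re.compile(
    PREFIX + r"User (?P<user>\S+) from (?P<host>[A-Za-z][\w.-]*)" + SUFFIX)

# Corrected pattern: the host group accepts an IPv4 address.
NOT_ALLOWED_FIXED = re.compile(
    PREFIX + r"User (?P<user>\S+) from (?P<host>\d{1,3}(?:\.\d{1,3}){3})" + SUFFIX)

WEAK = [INVALID_USER, NOT_ALLOWED_WEAK]
FIXED = [INVALID_USER, NOT_ALLOWED_FIXED]


def count_offenders(log_text, patterns):
    """Return a Counter of source host -> rejected attempts seen by `patterns`."""
    hits = Counter()
    for line in log_text.splitlines():
        for pattern in patterns:
            match = pattern.search(line)
            if match:
                hits[match.group("host")] += 1
                break
    return hits


def unmatched_rejections(log_text, patterns):
    """Coverage check: AllowUsers rejections that no pattern recognised."""
    return [line for line in log_text.splitlines()
            if "not listed in AllowUsers" in line
            and not any(p.search(line) for p in patterns)]


if __name__ == "__main__":
    print("weak :", dict(count_offenders(SAMPLE_LOG, WEAK)))
    print("fixed:", dict(count_offenders(SAMPLE_LOG, FIXED)))
    print("missed by weak set:", len(unmatched_rejections(SAMPLE_LOG, WEAK)))
```

Running `unmatched_rejections` against real auth logs after any pattern change gives a quick regression check that rejected logins are still being counted.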

Related identifiers

CVE-2007-5715

Affected products

Denyhosts
Openssh