PT-2019-10239 · None+1 · Sshguard+1

Joshua Signover

Published

2019-03-01

Updated

2020-08-24

CVE-2018-20798

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: pfSense version 2.4.4 1

Description: The issue arises from the expiretable configuration in pfSense, which sets block durations that are incompatible with those implemented by sshguard. This incompatibility might facilitate attackers' attempts to bypass intended access restrictions.

Recommendations: For pfSense version 2.4.4 1, consider adjusting the expiretable configuration to ensure compatibility with sshguard's block durations, thereby reinforcing access restrictions.

Exploit

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2018-20798

Affected Products

Pfsense

Sshguard

PT-2019-10239 · None+1 · Sshguard+1

CVE-2018-20798

Weakness Enumeration

Related Identifiers

Affected Products

References · 3