Denial of service through log injection in fail2ban
Bug #121374 reported by Chris Fryer
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
fail2ban (Debian) | Fix Released | Unknown | | |
fail2ban (Ubuntu) | Fix Released | Medium | Unassigned | |
Dapper | Won't Fix | High | Unassigned | |
Edgy | Invalid | High | Unassigned | |
Bug Description
Binary package hint: fail2ban
According to CVE 2006-6302 (http://
Ubuntu 6.06 (Dapper) uses fail2ban-
Ubuntu 6.10 (Edgy) uses fail2ban-
Both are still vulnerable.
There is a very similar vulnerability reported here:
http://
However, I am unsure whether this is specific to fail2ban version 0.8
CVE References
Changed in fail2ban:
importance: Undecided → Medium
status: Unconfirmed → Confirmed
description: updated
Changed in fail2ban:
status: Unknown → Fix Released
Changed in fail2ban (Ubuntu Dapper):
status: Incomplete → Won't Fix
Changed in fail2ban (Ubuntu Edgy):
status: Won't Fix → Invalid
0.8.0-2 is still affected. Either the upcoming -3 or 0.8.1 should fix the
problem.
On Thu, 21 Jun 2007, Chris Fryer wrote:
> ** Description changed:
> Binary package hint: fail2ban
> According to CVE 2006-6302
> (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6302) fail2ban 0.6.1 and
> below is vulnerable to log injection techniques, which can lead to the
> wrong IP address being banned. This can result in denial of service.
> Ubuntu 6.06 (Dapper) uses fail2ban-0.6.0-3.deb
> - Ubuntu 6.10 (Edgy) uses 0.6.1-8.deb
> + Ubuntu 6.10 (Edgy) uses fail2ban-0.6.1-8.deb
> Both are still vulnerable.
> There is a very similar vulnerability reported here:
> http://www.ossec.net/en/attacking-loganalysis.html#fail2ban
> However, I am unsure whether this is specific to fail2ban version 0.8
--
Yaroslav Halchenko
Research Assistant, Psychology Department, Rutgers-Newark
Student Ph.D. @ CS Dept. NJIT
Office: (973) 353-5440x263 | FWD: 82823 | Fax: (973) 353-1171
101 Warren Str, Smith Hall, Rm 4-105, Newark NJ 07102
WWW: http://www.linkedin.com/in/yarik