> This seems to allow any non-whitespace characters after <host>, which I
> believe is the nature of the vulnerability described in CVE-2006-6302.
> Please correct me if I'm wrong.
--
Yaroslav Halchenko
Research Assistant, Psychology Department, Rutgers-Newark
Student Ph.D. @ CS Dept. NJIT
Office: (973) 353-5440x263 | FWD: 82823 | Fax: (973) 353-1171
101 Warren Str, Smith Hall, Rm 4-105, Newark NJ 07102
WWW: http://www.linkedin.com/in/yarik
And actually, since .* is greedy, the vulnerability is not actually there...
Could you test on an example?
On Wed, 12 Dec 2007, Chris Fryer wrote:
> This is the relevant line from /etc/fail2ban.conf when fail2ban 0.6.0-3
> is installed on Ubuntu 6.06 LTS (Dapper).
> failregex = : (?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user) .* from (?:::f{4,6}:)?(?P<host>\S*)
> This seems to allow any non-whitespace characters after <host>, which I
> believe is the nature of the vulnerability described in CVE-2006-6302.
> Please correct me if I'm wrong.
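The test asked for in the reply above can be run as follows; this is an added example, not part of the original thread and not fail2ban's own code. It applies the quoted failregex (reassembled from the quoted lines) to constructed sshd log lines, next to a constructed lazy `.*?` variant for comparison, and checks whether the captured host parses as an IP address.

```python
import ipaddress
import re

# failregex as quoted in the thread (fail2ban 0.6.0-3 on Ubuntu 6.06).
FAILREGEX = (r": (?:(?:Authentication failure|Failed [-/\w+]+) for"
             r"(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user)"
             r" .* from (?:::f{4,6}:)?(?P<host>\S*)")
# Constructed for comparison only: the same pattern with a lazy ".*?".
LAZY_VARIANT = FAILREGEX.replace(" .* from ", " .*? from ")

# Constructed sshd lines; addresses are from the RFC 5737 documentation ranges.
PREFIX = "Dec 12 10:00:00 srv sshd[4242]: "
SAMPLES = {
    "plain": PREFIX + "Failed password for invalid user admin"
                      " from 192.0.2.10 port 4242 ssh2",
    # The user name field itself contains " from <address>".
    "name_with_from": PREFIX + "Failed password for invalid user x from 198.51.100.7"
                               " from 192.0.2.10 port 4242 ssh2",
    "ipv4_mapped": PREFIX + "Illegal user test from ::ffff:192.0.2.10",
    # The token after "from" is not an address; \S* accepts it anyway.
    "not_an_address": PREFIX + "Invalid user test from not-an-address",
}

def captured_host(pattern, line):
    """Return the <host> group, or None when the pattern does not match."""
    m = re.search(pattern, line)
    return m.group("host") if m else None

def is_ip(value):
    """True only if the captured host parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(value)
    except ValueError:
        return False
    return True

def report():
    """Map sample name -> (host via quoted regex, host via lazy variant, is_ip)."""
    rows = {}
    for name, line in SAMPLES.items():
        host = captured_host(FAILREGEX, line)
        rows[name] = (host, captured_host(LAZY_VARIANT, line), is_ip(host))
    return rows

if __name__ == "__main__":
    for name, row in report().items():
        print(f"{name:15} quoted={row[0]!r} lazy={row[1]!r} is_ip={row[2]}")
```

The results cover only these constructed lines; log lines produced by the installed sshd should be added to `SAMPLES` before drawing a conclusion about the filter.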