This is the relevant line from /etc/fail2ban.conf when fail2ban 0.6.0-3 is installed on Ubuntu 6.06 LTS (Dapper).
failregex = : (?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user) .* from (?:::f{4,6}:)?(?P<host>\S*)
This seems to allow any non-whitespace characters after <host>, which I believe is the nature of the vulnerability described in CVE-2006-6302. Please correct me if I'm wrong.
This is the relevant line from /etc/fail2ban.conf when fail2ban 0.6.0-3 is installed on Ubuntu 6.06 LTS (Dapper).
failregex = : (?:(?:Authentic ation failure|Failed [-/\w+]+) for(?: [iI](?: llegal| nvalid) user)?| [Ii](?: llegal| nvalid) user) .* from (?:::f{ 4,6}:)? (?P<host> \S*)
This seems to allow any non-whitespace characters after <host>, which I believe is the nature of the vulnerability described in CVE-2006-6302. Please correct me if I'm wrong.