Computer Security
[EN] no-pyccku

fail2ban DoS
updated since 08.07.2013
SecurityVulns ID:13154
Threat Level:
Description:It's possible to trigger a block for arbitrary client.
Affected:FAIL2BAN : fail2ban 0.8
CVE:CVE-2013-2178 (The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request.)
Original documentdocumentKrzysztof Katowicz-Kowalewski, Fail2ban 0.8.9, Denial of Service (Apache rules only) (15.07.2013)
 documentMANDRIVA, [ MDVSA-2013:191 ] fail2ban (08.07.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod