Computer Security
[EN] securityvulns.ru no-pyccku


fail2ban DoS
updated since 08.07.2013
Published:15.07.2013
Source:
SecurityVulns ID:13154
Type:remote
Threat Level:
5/10
Description:It's possible to trigger a block for arbitrary client.
Affected:FAIL2BAN : fail2ban 0.8
CVE:CVE-2013-2178 (The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request.)
Original documentdocumentKrzysztof Katowicz-Kowalewski, Fail2ban 0.8.9, Denial of Service (Apache rules only) (15.07.2013)
 documentMANDRIVA, [ MDVSA-2013:191 ] fail2ban (08.07.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod