Daniel B. Cid

2 exploits Active since Aug 2007

CVE-2009-5023 WRITEUP WRITEUP

Fail2ban < 0.8.4 - Symlink Following

The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt.

View Code

CVE-2007-4321 EXPLOITDB text WORKING POC

fail2ban <0.8 - DoS

fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.

View Code