Description
fail2ban 0.8 and earlier does not properly parse sshd log files, which allows remote attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a denial of service by adding arbitrary IP addresses to the sshd log file, as demonstrated by logging in via ssh with a client protocol version identification containing an IP address string, a different vector than CVE-2006-6302.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Daniel B. Cid · textdoslinux
https://www.exploit-db.com/exploits/30430
References (8)
Core 8
Core References
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2008/dsa-1456
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23237
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/42484
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25117
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28374
Issue Tracking x_refsource_misc
http://bugs.gentoo.org/show_bug.cgi?id=181214
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200707-13.xml
Various Sources x_refsource_misc
http://www.ossec.net/en/attacking-loganalysis.html
Scores
EPSS
0.1211
EPSS Percentile
93.9%
Details
Status
published
Products (1)
fail2ban/fail2ban
0.8
Published
Aug 14, 2007
Tracked Since
Feb 18, 2026