Debian Security Advisory DSA 1456-1 (fail2ban) Network Vulnerability

Summary

The remote host is missing an update to fail2ban announced via advisory DSA 1456-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201456-1

Insight

Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address. For the unstable distribution (sid), this problem has been fixed in version 0.8.0-4. For the stable distribution (etch), this problem has been fixed in version 0.7.5-2etch1. The old stable distribution (sarge) doesn't contain fail2ban. We recommend that you upgrade your fail2ban package.

Severity

Classification

CVE CVE-2007-4321
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 088-1 (fml)
Debian Security Advisory DSA 036-1 (mc)
Debian Security Advisory DSA 1023-1 (kaffeine)
Debian Security Advisory DSA 062-1 (rxvt)
Debian Security Advisory DSA 1139-1 (ruby1.6)

Take action and discover your vulnerabilities