/[advisories]/10550.adv
ViewVC logotype

Contents of /10550.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 120 - (show annotations) (download)
Mon Jul 1 19:09:21 2013 UTC (3 years, 10 months ago) by boklm
File size: 810 byte(s)
MGASA-2013-0192
1 type: security
2 subject: Updated fail2ban packages fix CVE-2013-2178
3 CVE:
4 - CVE-2013-2178
5 src:
6 2:
7 core:
8 - fail2ban-0.8.6-3.2.mga2
9 3:
10 core:
11 - fail2ban-0.8.8-6.1.mga3
12 description: |
13 Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log
14 monitoring and system which can act on attack by preventing hosts to connect
15 to specified services using the local firewall.
16
17 When using Fail2ban to monitor Apache logs, improper input validation in log
18 parsing could enable a remote attacker to trigger an IP ban on arbitrary
19 addresses, thus causing a denial of service (CVE-2013-2178).
20 references:
21 - https://vndh.net/note:fail2ban-089-denial-service
22 - http://www.debian.org/security/2013/dsa-2708
23 - https://bugs.mageia.org/show_bug.cgi?id=10550
24 ID: MGASA-2013-0192

  ViewVC Help
Powered by ViewVC 1.1.26