/[advisories]/10550.adv
ViewVC logotype

Annotation of /10550.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 105 - (hide annotations) (download)
Fri Jun 28 10:00:08 2013 UTC (7 years, 8 months ago) by claire
File size: 790 byte(s)
Adding sec advisory for fail2ban mga#10550
1 claire 105 type: security
2     subject: Updated fail2ban packages fix CVE-2013-2178
3     CVE:
4     - CVE-2013-2178
5     src:
6     2:
7     core:
8     - fail2ban-0.8.6-3.2.mga2
9     3:
10     core:
11     - fail2ban-0.8.8-6.1.mga3
12     description: |
13     Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log
14     monitoring and system which can act on attack by preventing hosts to connect
15     to specified services using the local firewall.
16    
17     When using Fail2ban to monitor Apache logs, improper input validation in log
18     parsing could enable a remote attacker to trigger an IP ban on arbitrary
19     addresses, thus causing a denial of service (CVE-2013-2178).
20     references:
21     - https://vndh.net/note:fail2ban-089-denial-service
22     - http://www.debian.org/security/2013/dsa-2708
23     - https://bugs.mageia.org/show_bug.cgi?id=10550

  ViewVC Help
Powered by ViewVC 1.1.28