Parent Directory
| 
Revision Log
MGASA-2013-0192
| 1 | claire | 105 | type: security |
| 2 | subject: Updated fail2ban packages fix CVE-2013-2178 | ||
| 3 | CVE: | ||
| 4 | - CVE-2013-2178 | ||
| 5 | src: | ||
| 6 | 2: | ||
| 7 | core: | ||
| 8 | - fail2ban-0.8.6-3.2.mga2 | ||
| 9 | 3: | ||
| 10 | core: | ||
| 11 | - fail2ban-0.8.8-6.1.mga3 | ||
| 12 | description: | | ||
| 13 | Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log | ||
| 14 | monitoring and system which can act on attack by preventing hosts to connect | ||
| 15 | to specified services using the local firewall. | ||
| 16 | |||
| 17 | When using Fail2ban to monitor Apache logs, improper input validation in log | ||
| 18 | parsing could enable a remote attacker to trigger an IP ban on arbitrary | ||
| 19 | addresses, thus causing a denial of service (CVE-2013-2178). | ||
| 20 | references: | ||
| 21 | - https://vndh.net/note:fail2ban-089-denial-service | ||
| 22 | - http://www.debian.org/security/2013/dsa-2708 | ||
| 23 | - https://bugs.mageia.org/show_bug.cgi?id=10550 | ||
| 24 | boklm | 120 | ID: MGASA-2013-0192 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |