/[advisories]/10550.adv
ViewVC logotype

Contents of /10550.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 105 - (show annotations) (download)
Fri Jun 28 10:00:08 2013 UTC (7 years, 7 months ago) by claire
File size: 790 byte(s)
Adding sec advisory for fail2ban mga#10550
1 type: security
2 subject: Updated fail2ban packages fix CVE-2013-2178
3 CVE:
4 - CVE-2013-2178
5 src:
6 2:
7 core:
8 - fail2ban-0.8.6-3.2.mga2
9 3:
10 core:
11 - fail2ban-0.8.8-6.1.mga3
12 description: |
13 Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log
14 monitoring and system which can act on attack by preventing hosts to connect
15 to specified services using the local firewall.
16
17 When using Fail2ban to monitor Apache logs, improper input validation in log
18 parsing could enable a remote attacker to trigger an IP ban on arbitrary
19 addresses, thus causing a denial of service (CVE-2013-2178).
20 references:
21 - https://vndh.net/note:fail2ban-089-denial-service
22 - http://www.debian.org/security/2013/dsa-2708
23 - https://bugs.mageia.org/show_bug.cgi?id=10550

  ViewVC Help
Powered by ViewVC 1.1.28