Debian Security Advisory
DSA-1456-1 fail2ban -- programming error
- Date Reported:
- 09 Jan 2008
- Affected Packages:
- fail2ban
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2007-4321.
- More information:
-
Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address.
The old stable distribution (sarge) doesn't contain fail2ban.
For the stable distribution (etch), this problem has been fixed in version 0.7.5-2etch1.
For the unstable distribution (sid), this problem has been fixed in version 0.8.0-4.
We recommend that you upgrade your fail2ban package.
- Fixed in:
-
Debian GNU/Linux 4.0 (stable)
- Source:
- http://security.debian.org/pool/updates/main/f/fail2ban/fail2ban_0.7.5-2etch1.dsc
- http://security.debian.org/pool/updates/main/f/fail2ban/fail2ban_0.7.5-2etch1.diff.gz
- http://security.debian.org/pool/updates/main/f/fail2ban/fail2ban_0.7.5.orig.tar.gz
- http://security.debian.org/pool/updates/main/f/fail2ban/fail2ban_0.7.5-2etch1.diff.gz
- Architecture-independent component:
- http://security.debian.org/pool/updates/main/f/fail2ban/fail2ban_0.7.5-2etch1_all.deb
MD5 checksums of the listed files are available in the original advisory.