Fail2ban: Denial of Service — GLSA 200707-13

Fail2ban is vulnerable to a Denial of Service attack.

Affected Packages

net-analyzer/fail2ban on all architectures
Affected versions < 0.8.0-r1
Unaffected versions >= 0.8.0-r1

Background

Fail2ban is a tool for parsing log files and banning IP addresses which make too many password failures.

Description

A vulnerability has been discovered in Fail2ban when parsing log files.

Impact

A remote attacker could send specially crafted SSH login banners to the vulnerable host, which would prevent any ssh connection to the host and result in a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All Fail2ban users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-analyzer/fail2ban-0.8.0-r1"

References

Release Date
July 28, 2007

Latest Revision
January 09, 2008: 02

Severity
normal

Exploitable
remote

Bugzilla entries