New Search

DoS for arbitrary chosen IP addresses

oval:org.mitre.oval:def:17338

The apache-auth.conf apache-nohome.conf apache-noscript.conf and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages which allows remote attackers to block arbitrary IP addresses via certain messages in a request.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • openSUSE 12.3
  • openSUSE 12.2
  • openSUSE 11.4
Class:
vulnerability
Reference(s):
  • CVE-2013-2178
Product(s):