VYPR

rpm package

opensuse/fail2ban&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/fail2ban&distro=openSUSE%20Tumbleweed

Vulnerabilities (5)

  • CVE-2021-32749Jul 16, 2021
    affected < 0.11.2-3.1fixed 0.11.2-3.1

    fail2ban is a daemon to ban hosts that cause multiple authentication errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0 through 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action mail-whois. Command `mail` from

  • CVE-2009-5023Jun 10, 2014
    affected < 0.9.5-1.1fixed 0.9.5-1.1

    The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fa

  • CVE-2013-7177Feb 1, 2014
    affected < 0.9.5-1.1fixed 0.9.5-1.1

    config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.

  • CVE-2013-7176Feb 1, 2014
    affected < 0.9.5-1.1fixed 0.9.5-1.1

    config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.

  • CVE-2013-2178Aug 28, 2013
    affected < 0.9.5-1.1fixed 0.9.5-1.1

    The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request.