MGASA-2013-0192

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2013-0192.html

Import Source

https://advisories.mageia.org/MGASA-2013-0192.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2013-0192

Related

CVE-2013-2178

Published

2013-07-01T19:09:27Z

Modified

2013-07-01T19:09:21Z

Summary

Updated fail2ban packages fix CVE-2013-2178

Details

Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log monitoring and system which can act on attack by preventing hosts to connect to specified services using the local firewall.

When using Fail2ban to monitor Apache logs, improper input validation in log parsing could enable a remote attacker to trigger an IP ban on arbitrary addresses, thus causing a denial of service (CVE-2013-2178).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:2 / fail2ban

Package

Name: fail2ban
Purl: pkg:rpm/mageia/fail2ban?distro=mageia-2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.6-3.2.mga2

Ecosystem specific

{
    "section": "core"
}

Mageia:3 / fail2ban

Package

Name: fail2ban
Purl: pkg:rpm/mageia/fail2ban?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.8-6.1.mga3

Ecosystem specific

{
    "section": "core"
}