CVE-2013-6890
First published: Mon Dec 23 2013(Updated: )
denyhosts 2.6 uses an incorrect regular expression when analyzing authentication logs, which allows remote attackers to cause a denial of service (incorrect block of IP addresses) via crafted login names.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Debian Debian Linux | =6.0 | |
| Debian Debian Linux | =7.0 | |
| Debian Debian Linux | =7.1 | |
| Fedoraproject Fedora | ||
| Phil Schwartz Denyhosts | =2.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/oss-sec/2013/q4/535
- http://secunia.com/advisories/56239
- http://www.debian.org/security/2013/dsa-2826
- https://bugzilla.redhat.com/show_bug.cgi?id=1045982
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1045983
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1045984
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=840691&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=840691&action=edit
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- agent/references
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-6890
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/event
- agent/description
- agent/trending
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/6.0
- version/debian debian linux/7.0
- version/debian debian linux/7.1
- vendor/fedoraproject
- canonical/fedoraproject fedora
- vendor/phil schwartz
- canonical/phil schwartz denyhosts
- version/phil schwartz denyhosts/2.6