Overview
Fail2ban versions prior to 0.8.11 are susceptible to a denial-of-service attack when a maliciously crafted email address is parsed by the postfix or cyrus-imap filters. If users have not deployed either of these filters then they are not affected.
Description
Fail2ban versions prior to 0.8.11 are susceptible to a denial-of-service attack when a maliciously crafted email address is parsed by the postfix or cyrus-imap filters. An attacker can cause arbitrary IP addresses to be blocked by fail2ban. CVE-2013-7177: cyrus-imap |
Impact
A remote unauthenticated attacker may cause arbitrary IP addresses to be blocked by Fail2ban causing legitimate users to be blocked from accessing services protected by Fail2ban. |
Solution
Apply an Update |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 7.8 | AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Temporal | 6.4 | E:F/RL:OF/RC:C |
| Environmental | 4.8 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
References
Acknowledgements
Thanks to Steven Hiscocks for reporting this vulnerability.
This document was written by Jared Allar.
Other Information
| CVE IDs: | CVE-2013-7176, CVE-2013-7177 |
| Date Public: | 2014-01-20 |
| Date First Published: | 2014-01-28 |
| Date Last Updated: | 2014-01-28 15:09 UTC |
| Document Revision: | 14 |