CVE-2007-4321
fail2ban
EPSS 12.1%
Description
fail2ban 0.8 and earlier does not properly parse sshd log files. A remote, unauthenticated attacker can get an arbitrary IP address written into the sshd log, for example by opening an SSH connection whose client protocol version identification string contains an IP address; sshd logs that string verbatim, fail2ban's log parser picks up the attacker-supplied address instead of the real source address and adds it to /etc/hosts.deny, and the spoofed host is denied access. This is a denial of service against any host the attacker names, via a different vector than CVE-2006-6302.
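The mechanism described above, shown as an added example that is not fail2ban's own code or regexes: a naive extractor that takes the first address found in the line (an assumption about the shape of the flaw, not the project's actual pattern) is compared with one anchored on the `from <host>` that sshd itself appends. The log lines are constructed, and the trailing `port N` suffix is an assumption made so the anchored pattern also fits newer sshd message formats.

```python
import re

# Constructed sshd log lines (not taken from the page). Lines 2 and 3 embed
# an attacker-chosen address (203.0.113.9) in the client's protocol version
# identification string; the real peer is 198.51.100.7 in every line.
SAMPLE_LOG = """\
Aug 10 12:00:01 host sshd[1234]: Did not receive identification string from 198.51.100.7
Aug 10 12:00:02 host sshd[1235]: Bad protocol version identification '203.0.113.9 SSH-2.0-x' from 198.51.100.7
Aug 10 12:00:03 host sshd[1236]: Bad protocol version identification 'x' from 203.0.113.9' from 198.51.100.7
"""

IP = r"(?:\d{1,3}\.){3}\d{1,3}"

# Naive extraction in the spirit of the flaw (assumed shape, not fail2ban's
# regex): whatever dotted quad shows up first after the sshd prefix is
# treated as the offending host, so attacker-controlled text wins.
NAIVE = re.compile(rf"sshd\[\d+\]: .*?(?P<host>{IP})")

# Hardened: only the address sshd prints after the final " from " is the
# peer. Anchoring on "$" forces the match onto the last "from", so a quoted
# banner containing "' from 203.0.113.9" (line 3) cannot displace it.
ANCHORED = re.compile(
    rf"sshd\[\d+\]: (?:Did not receive identification string"
    rf"|Bad protocol version identification '.*') from (?P<host>{IP})(?: port \d+)?$"
)


def extract_hosts(log: str, pattern: re.Pattern) -> list[str]:
    """Return the host each matching line would cause fail2ban to act on."""
    hosts = []
    for line in log.splitlines():
        m = pattern.search(line)
        if m:
            hosts.append(m.group("host"))
    return hosts


def spoofed_bans(log: str, pattern: re.Pattern, real_peer: str) -> list[str]:
    """Hosts the pattern would ban that are not the real connecting peer."""
    return [h for h in extract_hosts(log, pattern) if h != real_peer]


if __name__ == "__main__":
    print("naive   :", extract_hosts(SAMPLE_LOG, NAIVE))
    print("anchored:", extract_hosts(SAMPLE_LOG, ANCHORED))
    print("spoofed bans with naive pattern:", spoofed_bans(SAMPLE_LOG, NAIVE, "198.51.100.7"))
```

The point of the hardened pattern is that the host capture sits after a literal that the attacker cannot produce at the end of the line: sshd always terminates the message with the peer address, so an end-of-line anchor on the capture beats any number of `from <ip>` fragments smuggled into the quoted banner.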
How to fix CVE-2007-4321
To remediate CVE-2007-4321, upgrade the affected package to one of the fixed versions listed below for your Debian release.
- Debian/fail2ban—upgrade to 0.8.0-4 or later
- Debian/fail2ban—upgrade to 0.7.5-2etch1 or later
Is CVE-2007-4321 being exploited?
Moderate: EPSS is 12.1%. Track this CVE but it's not at the top of the prioritisation list. The caveat is that the affected versions are exploitable by any unauthenticated client that can reach sshd, and the attacker chooses which address gets blocked, so a still-unpatched host can have its own management addresses locked out.
Affected packages (2)
- Debian/fail2ban: all versions before 0.8.0-4
- Debian/fail2ban: all versions before 0.7.5-2etch1