filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved DNS name (rhost) entry that contains a substring that is interpreted as an IP address, a different vulnerability than CVE-2007-4321.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-02-13T01:00:00Z
Updated: 2024-09-16T20:26:16.757Z
Reserved: 2009-01-29T00:00:00Z
Link: CVE-2009-0362
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-02-13T01:30:00.360
Modified: 2024-11-21T00:59:43.697
Link: CVE-2009-0362
Redhat