The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2013-08-28T17:18:00
Updated: 2024-08-06T15:27:41.112Z
Reserved: 2013-02-19T00:00:00
Link: CVE-2013-2178
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-08-28T23:55:10.597
Modified: 2024-11-21T01:51:11.650
Link: CVE-2013-2178
Redhat
No data.