The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-08-28T17:18:00

Updated: 2024-08-06T15:27:41.112Z

Reserved: 2013-02-19T00:00:00

Link: CVE-2013-2178

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-08-28T23:55:10.597

Modified: 2024-11-21T01:51:11.650

Link: CVE-2013-2178

cve-icon Redhat

No data.