Vulnerability Note VU#686662
Fail2ban postfix and cyrus-imap filters contain denial-of-service vulnerabilities
Overview
Fail2ban versions prior to 0.8.11 are susceptible to a denial-of-service attack when a maliciously crafted email address is parsed by the postfix or cyrus-imap filters. If users have not deployed either of these filters then they are not affected.
Description
Fail2ban versions prior to 0.8.11 are susceptible to a denial-of-service attack when a maliciously crafted email address is parsed by the postfix or cyrus-imap filters. An attacker can cause arbitrary IP addresses to be blocked by fail2ban. CVE-2013-7177: cyrus-imap filter.
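To illustrate the class of defect this note describes, here is an added example (it is not fail2ban's own filter code; the failregex patterns, the `<HOST>` expansion and the log lines are all constructed for illustration): a loose regex whose host capture can land inside a client-supplied address, beside a strict one that matches the line field by field so only the host the MTA wrote is captured.

```python
import re

# fail2ban expands the <HOST> placeholder in a failregex to a named group; this
# is a constructed approximation, not copied from any fail2ban release.
HOST = r"(?P<host>[\w\-.]+)"
PREFIX = r"^\w{3} +\d+ \d\d:\d\d:\d\d \S+ postfix/smtpd\[\d+\]: "

# Constructed "loose" failregex: the wildcard before [<HOST>] and the .*$ tail let
# the host capture land anywhere on the line, including inside text the remote
# client supplied (sender, recipient, HELO).
LOOSE = re.compile(PREFIX + r"NOQUEUE: reject: RCPT from .*\[" + HOST + r"\]: 550 .*$")

# Constructed "strict" failregex: the client name is one token with no '[' or
# space, and the rest of the line is matched field by field, so the only
# [<HOST>] that can match is the one the MTA wrote right after the client name.
STRICT = re.compile(
    PREFIX + r"NOQUEUE: reject: RCPT from [\w\-.]+\[" + HOST + r"\]: 550 [\d.]+ "
    r"<[^>]*>: [^;]*; from=<[^>]*> to=<[^>]*> proto=\S+ helo=<[^>]*>$"
)


def extract_host(pattern, line):
    """Return the <host> a filter would hand to the ban action, or None."""
    m = pattern.search(line)
    return m.group("host") if m else None


# Constructed log lines. The real client is 198.51.100.7; the crafted recipient
# address embeds "[203.0.113.9]: 550 " so that the loose regex reports 203.0.113.9.
NORMAL = ("Jan 20 12:00:01 mx postfix/smtpd[1234]: NOQUEUE: reject: RCPT from "
          "unknown[198.51.100.7]: 550 5.1.1 <nobody@example.com>: Recipient address "
          "rejected: User unknown; from=<a@example.net> to=<nobody@example.com> "
          "proto=ESMTP helo=<client.example.net>")
CRAFTED = ("Jan 20 12:00:02 mx postfix/smtpd[1234]: NOQUEUE: reject: RCPT from "
           "unknown[198.51.100.7]: 550 5.1.1 <x[203.0.113.9]: 550 @example.com>: "
           "Recipient address rejected: User unknown; from=<a@example.net> "
           "to=<x[203.0.113.9]: 550 @example.com> proto=ESMTP helo=<client.example.net>")

if __name__ == "__main__":
    for name, line in (("normal", NORMAL), ("crafted", CRAFTED)):
        print(name, "loose ->", extract_host(LOOSE, line),
              "strict ->", extract_host(STRICT, line))
```

The strict form is the kind of change the referenced fix commits make: every client-controlled field is bounded by delimiters the MTA emits, and no wildcard is allowed to precede the bracketed host.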
Impact
A remote unauthenticated attacker may cause arbitrary IP addresses to be blocked by Fail2ban, causing legitimate users to be blocked from accessing services protected by Fail2ban.
Solution
Apply an update. Fail2ban 0.8.11 corrects the postfix and cyrus-imap filters.
Vendor Information
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Fail2ban | Affected | - | 23 Jan 2014 |
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 7.8 | AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Temporal | 6.4 | E:F/RL:OF/RC:C |
| Environmental | 4.8 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
References
- http://www.fail2ban.org
- https://github.com/fail2ban/fail2ban/commit/bd175f026737d66e7110868fb50b3760ff75e087
- https://github.com/fail2ban/fail2ban/commit/eb2f0c927257120dfc32d2450fd63f1962f38821
Credit
Thanks to Steven Hiscocks for reporting this vulnerability.
This document was written by Jared Allar.
Other Information
- CVE IDs: CVE-2013-7176 CVE-2013-7177
- Date Public: 20 Jan 2014
- Date First Published: 28 Jan 2014
- Date Last Updated: 28 Jan 2014
- Document Revision: 13