Package: denyhosts
Version: 2.6-1
Severity: grave
Tags: security
Justification: user security hole
From CVE-2007-4323:
DenyHosts 2.6 does not properly parse sshd log files, which allows
remote attackers to add arbitrary hosts to the /etc/hosts.deny file
and cause a denial of service by adding
Hi,
I intend to upload an NMU to fix this problem, attached is a
patch which should fix CVE-2007-4323
I know its a bit early for an NMU announce but I thought it
might be useful since it also includes a patch for the
problem. So feel free to use it and upload yourself.
The patch is also
2 matches
Mail list logo