This is the relevant line from /etc/fail2ban.conf when fail2ban 0.6.0-3
is installed on Ubuntu 6.06 LTS (Dapper).
failregex = : (?:(?:Authentication failure|Failed [-/\w+]+) for(?:
[iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user) .* from
(?:::f{4,6}:)?(?P<host>\S*)
This seems to allow any non-whitespace characters after <host>, which I
believe is the nature of the vulnerability described in CVE-2006-6302.
Please correct me if I'm wrong.
--
Denial of service through log injection in fail2ban
https://bugs.launchpad.net/bugs/121374
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
