Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo: GLSA-200710-14 Normal: DenyHosts Denial Of Service

gentoo
Calendar Grey October 13, 2007
Dist Gentoo Esm H88
The DenyHosts app in Gentoo Linux has a critical parsing flaw that can expose systems to remote denial of service risks. Immediate action is advised
DenyHosts does not correctly parse log entries, potentially causing a remote Denial of Service.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200710-14
                                            https://security.gentoo.org/

  Severity: Normal
     Title: DenyHosts: Denial of Service
      Date: October 13, 2007
      Bugs: #181213
        ID: 200710-14


Synopsis
=======
DenyHosts does not correctly parse log entries, potentially causing a
remote Denial of Service.

Background
=========
DenyHosts is designed to monitor SSH servers for repeated failed login
attempts.

Affected packages
================
    -------------------------------------------------------------------
     Package              /  Vulnerable  /                  Unaffected
    -------------------------------------------------------------------
  1  app-admin/denyhosts      < 2.6-r1                       >= 2.6-r1

==========
Daniel B. Cid discovered that DenyHosts used an incomplete regular
expression to parse failed login attempts, a different issue ...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory denial of service remote exploit gentoo linux normal denyhosts

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory denial of service remote exploit gentoo linux normal denyhosts

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here