Summary
The remote host is missing an update to fail2ban announced via advisory DSA 1456-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201456-1
Insight
Daniel B. Cid discovered that fail2ban, a tool to block IP addresses that cause login failures, is too liberal about parsing SSH log files, allowing an attacker to block any IP address.
For the unstable distribution (sid), this problem has been fixed in version 0.8.0-4.
For the stable distribution (etch), this problem has been fixed in version 0.7.5-2etch1.
The old stable distribution (sarge) doesn't contain fail2ban.
We recommend that you upgrade your fail2ban package.
Severity
Classification
CVE: CVE-2007-4321
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P