Fedora Core 9 FEDORA-2009-1736 (fail2ban) Network Vulnerability

Summary

The remote host is missing an update to fail2ban announced via advisory FEDORA-2009-1736.

Solution

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update fail2ban' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1736

Insight

Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. Update Information: This updates fixes CVE-2009-0362. See http://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2009-0362 for further details. ChangeLog: * Sat Feb 14 2009 Axel Thimm - 0.8.3-18 - Fix CVE-2009-0362 (Fedora bugs #485461, #485464, #485465, #485466). * Mon Dec 1 2008 Ignacio Vazquez-Abrams - 0.8.3-17 - Rebuild for Python 2.6 * Sun Aug 24 2008 Axel Thimm - 0.8.3-16 - Update to 0.8.3. * Wed May 21 2008 Tom spot Callaway - 0.8.2-15 - fix license tag * Thu Mar 27 2008 Axel Thimm - 0.8.2-14 - Close on exec fixes by Jonathan Underwood.

References

https://bugzilla.redhat.com/show_bug.cgi?id=485461

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0362

CVSS	Base Score: 4.0 AV:N/AC:L/Au:S/C:N/I:N/A:P

Related Vulnerabilities

Take action and discover your vulnerabilities