CVE-2013-6890

Related Files

Gentoo Linux Security Advisory 201406-23

Posted Jun 25, 2014

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-23 - A vulnerability in DenyHosts could allow a remote attacker to create a Denial of Service condition. Versions less than 2.6-r9 are affected.

tags | advisory, remote, denial of service

systems | linux, gentoo

advisories | CVE-2013-6890

SHA-256 | 57dc3e1a285c8fe8b6958526718ba1dc4e63fc27f271542dcf6e8b4fc210723f

Download | Favorite | View

Debian Security Advisory 2826-2

Posted Jan 24, 2014

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2826-2 - A regression has been found on the denyhosts packages fixing CVE-2013-6890. This regression could cause an attempted breakin attempt to be missed by denyhosts, which would then fail to enforce a ban.

tags | advisory

systems | linux, debian

advisories | CVE-2013-6890

SHA-256 | 1bbcb2ef9cd6819e795dc162ddb5c7da744ee0f48217762ade9f578929c5dbef

Download | Favorite | View

Debian Security Advisory 2826-1

Posted Dec 23, 2013

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2826-1 - Helmut Grohne discovered that denyhosts, a tool preventing SSH brute-force attacks, could be used to perform remote denial of service against the SSH daemon. Incorrectly specified regular expressions used to detect brute force attacks in authentication logs could be exploited by a malicious user to forge crafted login names in order to make denyhosts ban arbitrary IP addresses.

tags | advisory, remote, denial of service, arbitrary

systems | linux, debian

advisories | CVE-2013-6890

SHA-256 | 911eae8a4359777646922069bd137d138c159a2227879e5f26b8365600301c86

Download | Favorite | View