LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

fail2ban: unspecified vulnerability

Package(s):fail2ban CVE #(s):CVE-2012-5642
Created:December 28, 2012 Updated:April 2, 2013
Description:

From the Fedora advisory:

The release notes for fail2ban 0.8.8 [1],[2] indicate:

* [83109bc] IMPORTANT: escape the content of <matches> (if used in custom action files) since its value could contain arbitrary symbols. Thanks for discovery go to the NBS System security team

This could cause issues on the system running fail2ban as it scans log files, depending on what content is matched. There isn't much more detail about this issue than what is described above, so I think it may largely depend on the type of regexp used (what it matches) and the contents of the log file being scanned (whether or not an attacher could insert something that could be used in a malicious way).

Alerts:
Fedora FEDORA-2012-20619 2012-12-28
Mageia MGASA-2012-0372 2012-12-31
openSUSE openSUSE-SU-2013:0566-1 2013-04-02
openSUSE openSUSE-SU-2013:0567-1 2013-04-02
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds