Advisories » MGASA-2014-0080

Updated denyhosts package fixes security vulnerability

Publication date: 17 Feb 2014
Modification date: 17 Feb 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2013-6890

Description

Helmut Grohne discovered that denyhosts, a tool preventing SSH brute-force
attacks, could be used to perform remote denial of service against the SSH
daemon. Incorrectly specified regular expressions used to detect brute
force attacks in authentication logs could be exploited by a malicious
user to forge crafted login names in order to make denyhosts ban arbitrary
IP addresses (CVE-2013-6890).

This update also includes a fix for a regression introduced when fixing
CVE-2013-6890.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=12092
• http://www.debian.org/security/2013/dsa-2826
• https://lists.debian.org/debian-security-announce/2014/msg00018.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6890

SRPMS

3/core

• denyhosts-2.6-4.4.mga3