Lucene search
HistoryFeb 01, 2014 - 3:55 p.m.
CVE-2013-7177
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
Low
EPSS
0.017
Percentile
87.8%
config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.
Affected configurations
Node
fail2banfail2banRange≤0.8.10
ORfail2banfail2banMatch0.1.0
ORfail2banfail2banMatch0.1.1
ORfail2banfail2banMatch0.1.2
ORfail2banfail2banMatch0.3.0
ORfail2banfail2banMatch0.3.1
ORfail2banfail2banMatch0.4.0
ORfail2banfail2banMatch0.4.1
ORfail2banfail2banMatch0.5.0
ORfail2banfail2banMatch0.5.1
ORfail2banfail2banMatch0.5.2
ORfail2banfail2banMatch0.5.3
ORfail2banfail2banMatch0.5.4
ORfail2banfail2banMatch0.5.5
ORfail2banfail2banMatch0.6.0
ORfail2banfail2banMatch0.6.1
ORfail2banfail2banMatch0.7.0
ORfail2banfail2banMatch0.7.1
ORfail2banfail2banMatch0.7.2
ORfail2banfail2banMatch0.7.3
ORfail2banfail2banMatch0.7.4
ORfail2banfail2banMatch0.7.5
ORfail2banfail2banMatch0.7.6
ORfail2banfail2banMatch0.7.7
ORfail2banfail2banMatch0.7.8
ORfail2banfail2banMatch0.7.9
ORfail2banfail2banMatch0.8.0
ORfail2banfail2banMatch0.8.1
ORfail2banfail2banMatch0.8.2
ORfail2banfail2banMatch0.8.3
ORfail2banfail2banMatch0.8.4
ORfail2banfail2banMatch0.8.5
ORfail2banfail2banMatch0.8.6
ORfail2banfail2banMatch0.8.7
ORfail2banfail2banMatch0.8.7.1
ORfail2banfail2banMatch0.8.8
ORfail2banfail2banMatch0.8.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fail2ban | fail2ban | * | cpe:2.3:a:fail2ban:fail2ban:*:*:*:*:*:*:*:* |
| fail2ban | fail2ban | 0.1.0 | cpe:2.3:a:fail2ban:fail2ban:0.1.0:*:*:*:*:*:*:* |
| fail2ban | fail2ban | 0.1.1 | cpe:2.3:a:fail2ban:fail2ban:0.1.1:*:*:*:*:*:*:* |
| fail2ban | fail2ban | 0.1.2 | cpe:2.3:a:fail2ban:fail2ban:0.1.2:*:*:*:*:*:*:* |
| fail2ban | fail2ban | 0.3.0 | cpe:2.3:a:fail2ban:fail2ban:0.3.0:*:*:*:*:*:*:* |
| fail2ban | fail2ban | 0.3.1 | cpe:2.3:a:fail2ban:fail2ban:0.3.1:*:*:*:*:*:*:* |
| fail2ban | fail2ban | 0.4.0 | cpe:2.3:a:fail2ban:fail2ban:0.4.0:*:*:*:*:*:*:* |
| fail2ban | fail2ban | 0.4.1 | cpe:2.3:a:fail2ban:fail2ban:0.4.1:*:*:*:*:*:*:* |
| fail2ban | fail2ban | 0.5.0 | cpe:2.3:a:fail2ban:fail2ban:0.5.0:*:*:*:*:*:*:* |
| fail2ban | fail2ban | 0.5.1 | cpe:2.3:a:fail2ban:fail2ban:0.5.1:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2014-02-01 15:55:00
cvelist
cvelist
CVE-2013-7177
2014-02-01 15:00:00
ubuntucve
ubuntucve
CVE-2013-7177
2014-02-01 00:00:00
debiancve
debiancve
CVE-2013-7177
2014-02-01 15:55:04
cve
cve
CVE-2013-7177
2014-02-01 15:55:04
nessus
nessus
Debian DSA-2979-1 : fail2ban - security update
2014-07-18 00:00:00
Debian DLA-21-1 : fail2ban security update
2015-03-26 00:00:00
openSUSE Security Update : fail2ban (openSUSE-SU-2014:0348-1)
2014-06-13 00:00:00
mageia
mageia
Updated fail2ban packages fix security issues
2014-04-16 17:12:59
cert
cert
securityvulns
securityvulns
DoS via fail2ban
2014-07-21 00:00:00
[SECURITY] [DSA 2979-1] fail2ban security update
2014-07-21 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-0021-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0176)
2022-01-28 00:00:00
Debian Security Advisory DSA 2979-1 (fail2ban - security update)
2014-07-17 00:00:00
debian
debian
[DLA-0021-1] fail2ban security update
2014-07-26 10:35:59
[SECURITY] [DSA 2979-1] fail2ban security update
2014-07-17 15:59:11
osv
osv
fail2ban - security update
2014-07-26 00:00:00
SuSEfirewall2-fail2ban-0.9.5-1.1 on GA media
2024-06-15 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.4
Confidence
Low
EPSS
0.017
Percentile
87.8%
Related for NVD:CVE-2013-7177