CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
88.1%
fail2ban is a daemon to ban hosts that cause multiple authentication
errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0
through 0.11.2, there is a vulnerability that leads to possible remote code
execution in the mailing action mail-whois. Command mail
from mailutils
package used in mail actions like mail-whois
can execute command if
unescaped sequences (\n~
) are available in “foreign” input (for instance
in whois output). To exploit the vulnerability, an attacker would need to
insert malicious characters into the response sent by the whois server,
either via a MITM attack or by taking over a whois server. The issue is
patched in versions 0.10.7 and 0.11.3. As a workaround, one may avoid the
usage of action mail-whois
or patch the vulnerability manually.
github.com/fail2ban/fail2ban/commit/2ed414ed09b3bb4c478abc9366a1ff22024a33c9
github.com/fail2ban/fail2ban/commit/2ed414ed09b3bb4c478abc9366a1ff22024a33c9 (0.9)
github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844
github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844 (0.10, 0.11, 1.0)
github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm
launchpad.net/bugs/cve/CVE-2021-32749
nvd.nist.gov/vuln/detail/CVE-2021-32749
security-tracker.debian.org/tracker/CVE-2021-32749
ubuntu.com/security/notices/USN-5232-1
www.cve.org/CVERecord?id=CVE-2021-32749
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
88.1%