fail2ban is vulnerable to remote code execution. The mail command from the
mailutils package, used in mail actions such as mail-whois, can execute
commands when it encounters unescaped \n~ sequences (a newline followed by a
tilde) in foreign input. This allows an attacker to execute arbitrary commands.
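A defensive filter for the condition described above, as an added example (not fail2ban's own fix or code): it flags and neutralizes lines of untrusted text that begin with a tilde before the text is handed to a mail command. The function names and sample text are hypothetical, and it assumes the mail client uses its default escape character and only honours it in the first column of a line.

```python
import re

# Assumption: the mail client's escape character is the default "~" and it is
# only interpreted when it is the first character of a line in the body.
ESCAPE_CHAR = "~"

# A line start is the beginning of the text or the position right after a CR
# or LF, so LF, CRLF and bare CR line endings are all covered.
_LINE_START_ESCAPE = re.compile(r"(?:^|(?<=[\r\n]))" + re.escape(ESCAPE_CHAR))


def find_escape_lines(text):
    """Return the 1-based numbers of lines that begin with the escape char."""
    lines = re.split(r"\r\n|\r|\n", text)
    return [n for n, line in enumerate(lines, 1) if line.startswith(ESCAPE_CHAR)]


def neutralize_escapes(text):
    """Prefix a space to every line-initial escape character so the line is
    treated as plain body text. Tildes elsewhere in a line are left alone."""
    return _LINE_START_ESCAPE.sub(" " + ESCAPE_CHAR, text)


# Constructed sample standing in for foreign input (for example, text returned
# by a lookup about the banned address); it is not taken from a real record.
SAMPLE = (
    "netname: EXAMPLE-NET\n"
    "~constructed line that starts with the escape character\r\n"
    "remarks: a ~ in the middle of a line is harmless\n"
)

if __name__ == "__main__":
    print("suspicious lines:", find_escape_lines(SAMPLE))
    print(neutralize_escapes(SAMPLE), end="")
```

Flagged line numbers are worth logging before the text is rewritten, since a line-initial tilde in lookup data is unusual enough to merit review.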
github.com/fail2ban/fail2ban/commit/2ed414ed09b3bb4c478abc9366a1ff22024a33c9
github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844
github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm
lists.fedoraproject.org/archives/list/[email protected]/message/5WHJK2X2MR2WDYZMCW7COZXJDUSDYMY6/
lists.fedoraproject.org/archives/list/[email protected]/message/ZRYQ77MTX5WSV33VCJLK4KBKR55QZ7ZA/
security-tracker.debian.org/tracker/CVE-2021-32749