DenyHosts Remote Denial of Service Vulnerability
BID:21468
Info
DenyHosts Remote Denial of Service Vulnerability
| Bugtraq ID: | 21468 |
| Class: | Design Error |
| CVE: |
CVE-2006-6301 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 06 2006 12:00AM |
| Updated: | Jun 06 2007 11:10PM |
| Credit: | Tavis Ormandy <[email protected]> discovered this vulnerability. |
| Vulnerable: |
Phil Schwartz DenyHosts 0 Gentoo Linux |
| Not Vulnerable: | |
Discussion
DenyHosts Remote Denial of Service Vulnerability
DenyHosts is prone to a remote denial-of-service vulnerability becaus the application fails to properly ensure the source of authentication failure messages.
Successfully exploiting this issue allows remote attackers to add arbitrary IP addresses to the block list used by the application. This allows attackers to deny further SSH network access to arbitrary IP addresses, denying service to legitimate users.
DenyHosts is prone to a remote denial-of-service vulnerability becaus the application fails to properly ensure the source of authentication failure messages.
Successfully exploiting this issue allows remote attackers to add arbitrary IP addresses to the block list used by the application. This allows attackers to deny further SSH network access to arbitrary IP addresses, denying service to legitimate users.
Exploit / POC
DenyHosts Remote Denial of Service Vulnerability
Attackers use standard SSH-client software to exploit this issue.
Attackers use standard SSH-client software to exploit this issue.
Solution / Fix
DenyHosts Remote Denial of Service Vulnerability
Solution:
Please see the referenced advisory for more information.
Solution:
Please see the referenced advisory for more information.
References
DenyHosts Remote Denial of Service Vulnerability
References:
References:
- Bugzilla Bug 157163 (Tavis Ormandy
- DenyHosts Home Page (Phil Schwartz)
- Remote log injection on DenyHosts,Fail2ban and BlockHosts (Daniel Cid