From ${URL} :

Description

Some weaknesses have been reported in Fail2ban, which can be exploited by malicious people to conduct spoofing attacks.

1) Multiple errors in regular expressions within the cyrus-imap filter can be exploited to e.g. spoof client IP addresses and subsequently cause arbitrary IP addresses to be banned.

2) Two errors in regular expressions within the postfix filter can be exploited to e.g. spoof client IP addresses and subsequently cause arbitrary IP addresses to be banned.

3) Some errors in regular expressions within unspecified filters can be exploited to e.g. spoof client IP addresses and subsequently cause arbitrary IP addresses to be banned.

The weaknesses are reported in versions prior to 0.8.11.

Solution:
Update to version 0.8.11 or later.

Provided and/or discovered by:
1, 2) US-CERT credits Steven Hiscocks.
3) Reported by the vendor.

Original Advisory:
Fail2ban:
https://github.com/fail2ban/fail2ban/blob/master/ChangeLog

US-CERT (VU#686662):
http://www.kb.cert.org/vuls/id/686662

@maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
0.8.11 should fix this, but 0.8.12 is out and should fix[1] the fix. [1] https://github.com/fail2ban/fail2ban/releases/tag/0.8.12
Arch teams, please test and mark stable:
=net-analyzer/fail2ban-0.8.12
Targeted stable KEYWORDS : amd64 hppa ppc ppc64 x86
Stable for HPPA.
amd64 stable
x86 stable
ppc stable
ppc64 stable. Maintainer(s), please clean up. Security, please vote.
GLSA vote: yes.
CVE-2013-7176 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7176): config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression.
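The weakness class named in the advisory in comment #1 and in the CVE text above is a log-parsing regex that lets sender-controlled text (the e-mail address Postfix echoes into its reject line) be captured as the client host. The following is an added illustration, not the fail2ban project's own filter nor the exact regex that was fixed in 0.8.11: it pairs a hypothetical loosely written filter with a hardened one and runs both over a constructed log line, the kind of check a maintainer can run against a filter before deploying it. The log line, both regexes and the `extract_host` helper are all constructed here; the hardened pattern is simplified to IPv4 literals, whereas fail2ban's real `<HOST>` placeholder covers more host forms.

```python
import re

# Constructed Postfix-style reject line (not a real capture). Everything after
# "from=<" originated in the SMTP MAIL FROM command, so it is text chosen by
# the remote sender that ends up inside the log line the filter parses.
CRAFTED_LOG = (
    "Jan 14 10:22:01 mail postfix/smtpd[1234]: NOQUEUE: reject: RCPT from "
    "unknown[198.51.100.7]: 554 5.7.1 <spam@example.org>: Sender address rejected; "
    "from=<a[203.0.113.9]@example.net> to=<user@example.org> proto=ESMTP"
)

# Constructed benign reject line: both filters should agree on this one.
BENIGN_LOG = (
    "Jan 14 10:23:44 mail postfix/smtpd[1234]: NOQUEUE: reject: RCPT from "
    "mail.example.com[192.0.2.10]: 554 5.7.1 <x@example.org>: Relay access denied; "
    "from=<y@example.com> to=<x@example.org> proto=ESMTP"
)

# Hypothetical weak filter. The greedy ".*" can run past the real client host
# and backtrack to the LAST bracketed token on the line, and the host group
# accepts any word-ish characters, so a bracketed value inside the sender
# address is captured as the "client IP".
WEAK_FILTER = re.compile(r"reject: RCPT from .*\[(?P<host>[\w\-.^_]+)\]")

# Hypothetical hardened filter: the token before the bracket may contain
# neither whitespace nor brackets (so it cannot reach into later fields), the
# host must be an IPv4 literal, and the match must be followed by the fixed
# status text Postfix writes right after the client host.
STRICT_FILTER = re.compile(
    r"reject: RCPT from [^\s\[\]]+\[(?P<host>\d{1,3}(?:\.\d{1,3}){3})\]: 554 "
)


def extract_host(pattern, line):
    """Return the host a filter would hand to the ban action, or None."""
    m = pattern.search(line)
    return m.group("host") if m else None


def audit_filter(pattern, lines):
    """Map each log line to the host the given filter extracts from it."""
    return {line: extract_host(pattern, line) for line in lines}


if __name__ == "__main__":
    for name, pattern in (("weak", WEAK_FILTER), ("strict", STRICT_FILTER)):
        for line, host in audit_filter(pattern, [CRAFTED_LOG, BENIGN_LOG]).items():
            print(f"{name:6s} -> {host}   ({line[:60]}...)")
```

On the crafted line the weak filter reports the sender-chosen 203.0.113.9 rather than the connecting client 198.51.100.7, which is exactly the "ban an arbitrary IP" outcome the advisory describes; on the benign line both filters agree. The design lesson is that a host-extraction regex must be anchored to the fixed structure the logging daemon emits on both sides of the host, and must not let an unbounded `.*` or a permissive host class bridge into fields that carry remote input.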
Added to existing GLSA draft
Cleanup already done by jer.
This issue was resolved and addressed in GLSA 201406-03 at http://security.gentoo.org/glsa/glsa-201406-03.xml by GLSA coordinator Chris Reffett (creffett).