Your submission was sent successfully! Close

CVE-2012-5642

Published: 31 December 2012

server/action.py in Fail2ban before 0.8.8 does not properly handle the content of the matches tag, which might allow remote attackers to trigger unsafe behavior in a custom action file via unspecified symbols in this content.

Priority

Medium

Status

Package Release Status
fail2ban
Launchpad, Ubuntu, Debian
Upstream
Released (0.8.8)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(0.8.10-1)
Patches:
Upstream: https://github.com/fail2ban/fail2ban/commit/83109bc