Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5715

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-5715
Last Modified 15 Nov 2008 02:01:56
Published 30 Oct 2007 03:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5715

Summary

DenyHosts 2.6 processes OpenSSH sshd "not listed in AllowUsers" log messages with an incorrect regular expression that does not match an IP address, which might allow remote attackers to avoid detection and blocking when making invalid login attempts with a username not present in AllowUsers, as demonstrated by the root username, a different vulnerability than CVE-2007-4323.

Vulnerable Systems

Application

  • Denyhosts 2.6


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=237449

OSVDB - 45298

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=181213


Last Updated: 27 May 2016 10:46:14