SuSEfirewall2-fail2ban-0.9.5-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10347-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z SuSEfirewall2-fail2ban-0.9.5-1.1 on GA media These are all security issues fixed in the SuSEfirewall2-fail2ban-0.9.5-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10347 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2009-5023/ SUSE CVE CVE-2009-5023 page https://www.suse.com/security/cve/CVE-2013-2178/ SUSE CVE CVE-2013-2178 page https://www.suse.com/security/cve/CVE-2013-7176/ SUSE CVE CVE-2013-7176 page https://www.suse.com/security/cve/CVE-2013-7177/ SUSE CVE CVE-2013-7177 page openSUSE Tumbleweed SuSEfirewall2-fail2ban-0.9.5-1.1 fail2ban-0.9.5-1.1 nagios-plugins-fail2ban-0.9.5-1.1 SuSEfirewall2-fail2ban-0.9.5-1.1 as a component of openSUSE Tumbleweed fail2ban-0.9.5-1.1 as a component of openSUSE Tumbleweed nagios-plugins-fail2ban-0.9.5-1.1 as a component of openSUSE Tumbleweed The (1) dshield.conf, (2) mail-buffered.conf, (3) mynetwatchman.conf, and (4) mynetwatchman.conf actions in action.d/ in Fail2ban before 0.8.5 allows local users to write to arbitrary files via a symlink attack on temporary files with predictable names, as demonstrated by /tmp/fail2ban-mail.txt. CVE-2009-5023 openSUSE Tumbleweed:SuSEfirewall2-fail2ban-0.9.5-1.1 openSUSE Tumbleweed:fail2ban-0.9.5-1.1 openSUSE Tumbleweed:nagios-plugins-fail2ban-0.9.5-1.1 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:C/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2009-5023.html CVE-2009-5023 https://bugzilla.suse.com/690853 SUSE Bug 690853 The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request. CVE-2013-2178 openSUSE Tumbleweed:SuSEfirewall2-fail2ban-0.9.5-1.1 openSUSE Tumbleweed:fail2ban-0.9.5-1.1 openSUSE Tumbleweed:nagios-plugins-fail2ban-0.9.5-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2178.html CVE-2013-2178 https://bugzilla.suse.com/824710 SUSE Bug 824710 https://bugzilla.suse.com/861504 SUSE Bug 861504 config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression. CVE-2013-7176 openSUSE Tumbleweed:SuSEfirewall2-fail2ban-0.9.5-1.1 openSUSE Tumbleweed:fail2ban-0.9.5-1.1 openSUSE Tumbleweed:nagios-plugins-fail2ban-0.9.5-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-7176.html CVE-2013-7176 https://bugzilla.suse.com/861503 SUSE Bug 861503 config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression. CVE-2013-7177 openSUSE Tumbleweed:SuSEfirewall2-fail2ban-0.9.5-1.1 openSUSE Tumbleweed:fail2ban-0.9.5-1.1 openSUSE Tumbleweed:nagios-plugins-fail2ban-0.9.5-1.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-7177.html CVE-2013-7177 https://bugzilla.suse.com/861503 SUSE Bug 861503 https://bugzilla.suse.com/861504 SUSE Bug 861504