Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BlockHosts日志文件管理漏洞
Vulnerability Description
BlockHosts 2.0.4版本之前的版本没有适当分析(1) sshd and (2) vsftpd log files, which allows 远程攻击者通过向一个后台程序登录日志文件添加任意IP地址,例如通过连接一个具有IP地址字符串的客户协议版本的ssh,向/etc/hosts.allow文件添加任意拒绝进入信息并造成拒绝服务。该漏洞不同于CVE-2007-2765。
CVSS Information
N/A
Vulnerability Type
N/A