CVE-2009-0362

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2009-0362

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2009-0362.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2009-0362

Downstream

DEBIAN-CVE-2009-0362

Published

2009-02-13T01:30:00Z

Modified

2025-08-09T20:01:27Z

Summary

[none]

Details

filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved DNS name (rhost) entry that contains a substring that is interpreted as an IP address, a different vulnerability than CVE-2007-4321.

References

http://secunia.com/advisories/33890
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514163
http://www.securityfocus.com/bid/33734

CVE-2009-0362

Affected packages