Red Hat Bugzilla – Bug 973756
CVE-2013-2178 fail2ban: remote denial of service due to apache log parsing issue
Last modified: 2015-07-31 03:07:47 EDT
It was reported that fail2ban improperly parses Apache log files, due to improper regular expressions. This could allow a remote attacker to send a crafted URL to a web site which, when parsed by fail2ban, would deny a specific IP address (not the remote attacker's IP).
This was reported against fail2ban 0.8.9, but earlier versions use the same regular expression. This has not yet been addressed upstream; the original report suggests replacement regular expressions, but in my (limited) testing they do not seem to work (testing using fail2ban-regex).
Created fail2ban tracking bugs for this issue
Affects: fedora-all [bug 973757]
Affects: epel-all [bug 973758]
The CVE identifier of CVE-2013-2178 has been assigned to this issue:
fail2ban-0.8.10-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
fail2ban-0.8.10-1.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
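The parsing flaw described in the report, as an added example that is not code from this bug report or from fail2ban: a small regression check that runs an unanchored filter pattern and an anchored one over constructed Apache error_log lines and lists every line where the extracted host is wrong. The two patterns, the sample lines and the function names are assumptions made for illustration; they are not fail2ban's shipped failregex.

```python
import re

# Hypothetical patterns for illustration; they are not fail2ban's shipped failregex.
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"
# Weak: unanchored, so it can match text that came from the request itself.
WEAK = re.compile(r"\[client " + HOST + r"\] user \S+ not found")
# Hardened: anchored at line start, so the host can only come from the
# timestamp/level/client prefix that Apache writes.
STRICT = re.compile(
    r"^\[[^\]]+\] \[error\] \[client " + HOST + r"\] user \S+ not found"
)

# Constructed error_log lines (documentation address ranges), each paired with
# the host a correct filter should report, or None for "no ban".
SAMPLES = [
    ("[Sat Jun 01 11:23:08 2013] [error] [client 203.0.113.5] "
     "user admin not found: /private/", "203.0.113.5"),
    # 404 line: the path is request-controlled and contains a look-alike field.
    ("[Sat Jun 01 11:24:40 2013] [error] [client 203.0.113.5] "
     "File does not exist: /var/www/html/[client 198.51.100.7] "
     "user admin not found", None),
    ("[Sat Jun 01 11:25:02 2013] [error] [client 203.0.113.9] "
     "File does not exist: /var/www/html/favicon.ico", None),
]


def extract_host(pattern, line):
    """Return the host the filter would hand to the ban action, or None."""
    m = pattern.search(line)
    return m.group("host") if m else None


def audit(pattern, samples=SAMPLES):
    """Return (line_number, got, expected) for each sample the filter gets wrong."""
    return [(i, got, want)
            for i, (line, want) in enumerate(samples, 1)
            if (got := extract_host(pattern, line)) != want]


if __name__ == "__main__":
    for name, pat in (("weak", WEAK), ("strict", STRICT)):
        print(name, audit(pat))
```

The unanchored pattern reports an address that never connected to the server, which is the denial of service the report describes; the anchored pattern only reads the client field Apache wrote at the start of the line.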