It was found that fail2ban IPs banner used insecure default temporary file when unbanning an IP address. A local attacker could use this flaw to conduct symlink attacks in order to gain access to sensitive information or potentially to overwrite arbitrary file on the system. References: [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=544232 Patch applied by Debian distribution: [2] http://git.onerussian.com/?p=deb/fail2ban.git;a=commitdiff;h=ea7d352616b1e2232fcaa99b11807a86ce29ed8b
This issue affects the versions of the fail2ban package, as present within EPEL-4, EPEL-5 and EPEL-6 repositories. This issue affects the versions of the fail2ban package, as shipped with Fedora release of 13 and 14. Please schedule an update.
Created fail2ban tracking bugs for this issue Affects: epel-4 [bug 700765] Affects: epel-5 [bug 700767] Affects: epel-6 [bug 700768] Affects: fedora-all [bug 700769]
CVE Request: [3] http://www.openwall.com/lists/oss-security/2011/04/29/1
(In reply to comment #1) > This issue affects the versions of the fail2ban package, as shipped > with Fedora release of 13 and 14. This seems to be fixed in Fedora already - see fail2ban-0.8.4-notmp.patch: http://pkgs.fedoraproject.org/gitweb/?p=fail2ban.git;a=blob;f=fail2ban-0.8.4-notmp.patch;h=dc09397f00790fdb494efced4f44675a9f56b0b7;hb=master (In reply to comment #0) > Patch applied by Debian distribution: > http://git.onerussian.com/?p=deb/fail2ban.git;a=commitdiff;h=ea7d352616b1e2232fcaa99b11807a86ce29ed8b Which seems to be a git-svn clone of the upstream SVN commit: http://fail2ban.svn.sourceforge.net/viewvc/fail2ban?view=revision&revision=767
*** This bug has been marked as a duplicate of bug 669965 ***
Please don't close SRT bugs. It does not look like fail2ban in EPEL has been fixed yet, so this bug shouldn't be closed. This has also been assigned the name CVE-2009-5023.
*** Bug 718836 has been marked as a duplicate of this bug. ***