PyPi: Denyhosts

CVE-2013-6890

Safety vulnerability ID: 67959

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Dec 23, 2013 Updated at Apr 17, 2024

Scan your Python projects for vulnerabilities →

Advisory

denyhosts 2.6 uses an incorrect regular expression when analyzing authentication logs, which allows remote attackers to cause a denial of service (incorrect block of IP addresses) via crafted login names.

Affected package

denyhosts

Latest version: 2.6

DenyHosts is a utility to help sys admins thwart ssh hackers

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6890

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 5.0

CVSS v2 Details

MEDIUM 5.0

Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (Au): NONE
Confidentiality Impact (C): NONE
Integrity Impact (I): NONE
Availability Impact (A): PARTIAL