CVE-2007-2765 (GCVE-0-2007-2765)

Vulnerability from cvelistv5 – Published: 2007-05-18 22:00 – Updated: 2024-08-07 13:49
VLAI
Summary
blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ssh using a login name containing certain strings with an IP address, which is not properly handled by a regular expression, a related issue to CVE-2006-6301.
Severity
No CVSS data available.
CWE
  • n/a
Assigner
References
URL Tags
http://www.securityfocus.com/bid/24090 vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2007/1906 vdb-entryx_refsource_VUPEN
http://osvdb.org/36516 vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.aczoom.com/tools/blockhosts/CHANGES x_refsource_CONFIRM
http://secunia.com/advisories/25352 third-party-advisoryx_refsource_SECUNIA
Date Public
2007-05-17 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T13:49:57.310Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24090",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24090"
          },
          {
            "name": "ADV-2007-1906",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1906"
          },
          {
            "name": "36516",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/36516"
          },
          {
            "name": "blockhosts-daemonlog-dos(34426)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34426"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.aczoom.com/tools/blockhosts/CHANGES"
          },
          {
            "name": "25352",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25352"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-05-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ssh using a login name containing certain strings with an IP address, which is not properly handled by a regular expression, a related issue to CVE-2006-6301."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24090",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24090"
        },
        {
          "name": "ADV-2007-1906",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1906"
        },
        {
          "name": "36516",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/36516"
        },
        {
          "name": "blockhosts-daemonlog-dos(34426)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34426"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.aczoom.com/tools/blockhosts/CHANGES"
        },
        {
          "name": "25352",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25352"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-2765",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ssh using a login name containing certain strings with an IP address, which is not properly handled by a regular expression, a related issue to CVE-2006-6301."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24090",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24090"
            },
            {
              "name": "ADV-2007-1906",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1906"
            },
            {
              "name": "36516",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/36516"
            },
            {
              "name": "blockhosts-daemonlog-dos(34426)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34426"
            },
            {
              "name": "http://www.aczoom.com/tools/blockhosts/CHANGES",
              "refsource": "CONFIRM",
              "url": "http://www.aczoom.com/tools/blockhosts/CHANGES"
            },
            {
              "name": "25352",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25352"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-2765",
    "datePublished": "2007-05-18T22:00:00.000Z",
    "dateReserved": "2007-05-18T00:00:00.000Z",
    "dateUpdated": "2024-08-07T13:49:57.310Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2007-2765",
      "date": "2026-06-06",
      "epss": "0.01316",
      "percentile": "0.80215"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-2765\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-05-18T22:30:00.000\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"blockhosts.py in BlockHosts before 2.0.3 does not properly parse daemon log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by logging in through ssh using a login name containing certain strings with an IP address, which is not properly handled by a regular expression, a related issue to CVE-2006-6301.\"},{\"lang\":\"es\",\"value\":\"El blockhosts.py en el BlockHosts anterior al 2.0.3 no analiza la sint\u00e1sis correctamente de los ficheros de trazas del demonio, lo que permite a atacantes remotos a\u00f1adir denegaciones de entradas de su elecci\u00f3n en el fichero  /etc/hosts.allow y provocar una denegaci\u00f3n de servicio a\u00f1adiendo direcciones IP de su elecci\u00f3n en el fichero de trazas del demonio, como lo demostrado valid\u00e1ndose en el sistema con ssh usando un nombre que contiene ciertas cadenas con direcciones IP, lo que no es manejado correctamente por las expresiones regulares. Relacionada con la vulnerabilidad CVE-2006-6301.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:C\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ac_zoom:blockhosts:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.0.2\",\"matchCriteriaId\":\"DE64C5D4-E9F0-43EB-B9EB-AC1884EDE9CE\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/36516\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25352\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.aczoom.com/tools/blockhosts/CHANGES\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/24090\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/1906\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34426\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/36516\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/25352\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.aczoom.com/tools/blockhosts/CHANGES\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24090\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/1906\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34426\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.