Fedora 14 : fail2ban-0.8.4-27.fc14 (2011-5153)

high Nessus Plugin ID 53553

Synopsis

The remote Fedora host is missing a security update.

Description

fail2ban used predictable /tmp files, which a local user can allocate before fail2ban does. All temporary files have been moved to /var/lib/fail2ban. This also helps with SELinux policies.

Another security-related fix is that fail2ban defaulted to gamin, which conflicts with SELinux, so users typically had to choose between fail2ban and SELinux. fail2ban now defaults to inotify (thanks to Jonathan Underwood).

There are also some minor bugs fixed:

- tmpfiles.d support for tmpfs /var/run

- example mail domains changed to normalized example.com.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
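The temporary-file issue described above, shown as an added example that is not part of the Fedora advisory or of fail2ban's own code: it contrasts a plain open() on a predictable name in a shared directory with exclusive, no-follow creation, and with a file kept in a service-private directory. The file name service.state and the directories are constructed stand-ins for /tmp and /var/lib/fail2ban.

```python
import os
import tempfile

def naive_write(path, data):
    # Pattern behind this bug class: open() on a fixed name follows symlinks
    # and reuses whatever already exists at that name.
    with open(path, "w") as fh:
        fh.write(data)

def safe_write(path, data):
    # O_EXCL fails if the name already exists; O_NOFOLLOW refuses a symlink
    # as the final path component. Mode 0600 keeps other users out.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as fh:
        fh.write(data)

def private_state_dir(parent):
    # Stand-in for /var/lib/fail2ban: a directory only the service can write.
    d = os.path.join(parent, "state")
    os.mkdir(d, 0o700)
    return d

def demo():
    results = {}
    with tempfile.TemporaryDirectory() as root:
        shared = os.path.join(root, "shared_tmp")      # stand-in for /tmp
        os.mkdir(shared)
        target = os.path.join(root, "other_file")      # file the service must never touch
        with open(target, "w") as fh:
            fh.write("original")
        predictable = os.path.join(shared, "service.state")  # hypothetical name
        os.symlink(target, predictable)                # name allocated before the service runs

        naive_write(predictable, "ban list")
        with open(target) as fh:
            results["naive_clobbered_target"] = fh.read() == "ban list"
        try:
            safe_write(predictable, "ban list")
            results["safe_refused"] = False
        except OSError:                                # EEXIST (or ELOOP) on the taken name
            results["safe_refused"] = True

        state = os.path.join(private_state_dir(root), "service.state")
        safe_write(state, "ban list")
        results["private_mode"] = oct(os.stat(state).st_mode & 0o777)
    return results

if __name__ == "__main__":
    print(demo())
```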

Solution

Update the affected fail2ban package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=551895

https://bugzilla.redhat.com/show_bug.cgi?id=552947

https://bugzilla.redhat.com/show_bug.cgi?id=656584

https://bugzilla.redhat.com/show_bug.cgi?id=658849

https://bugzilla.redhat.com/show_bug.cgi?id=669965

https://bugzilla.redhat.com/show_bug.cgi?id=669966

http://www.nessus.org/u?bcc1daa1

Plugin Details

Severity: High

ID: 53553

File Name: fedora_2011-5153.nasl

Version: 1.9

Type: local

Agent: unix

Published: 4/26/2011

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:fail2ban, cpe:/o:fedoraproject:fedora:14

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 4/10/2011

Reference Information

FEDORA: 2011-5153