> This seems to allow any non-whitespace characters after <host>, which I
> believe is the nature of the vulnerability described in CVE-2006-6302.
> Please correct me if I'm wrong.
being not anchored at the end of the string is the real reason for such
vulnerability imho
--
Yaroslav Halchenko
Ph.D. Student CS Dept. NJIT
--
Denial of service through log injection in fail2ban
https://bugs.launchpad.net/bugs/121374
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
