Fail2ban – Remote Code Execution – CVE-2021-32749

Source: Hacker News

Article note: Eehh. It's a vuln in 'mail' Fail2Ban has more suitable, more often used logging facilities, and recent versions prefer sendmail to mail. Still an interesting little escaping bug, because escaping (like any sort of in-band control) is fraught.
This entry was posted in News. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *