CVE-2021-32749 log

Severity High
Remote Yes
Type Arbitrary command execution
In fail2bain up to version 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action "mail-whois". The "mail" command from the mailutils package used in mail actions like "mail-whois" can execute arbitrary commands if unescaped sequences (`\n~`) are available in "foreign" input (for instance in whois output). To exploit the vulnerability, an attacker would need to insert malicious characters into the response sent by the whois server, either via a man-in-the-middle (MITM) attack or by taking over a whois server.
Group Package Affected Fixed Severity Status Ticket
AVG-2169 fail2ban 0.11.2-1 0.11.2-2 High Fixed FS#71524

The way for users to fix or remediate the vulnerability without upgrading would be to avoid the usage of action mail-whois or to patch it manually.