CVE-2021-32749 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary command execution
Description	In fail2bain up to version 0.11.2, there is a vulnerability that leads to possible remote code execution in the mailing action "mail-whois". The "mail" command from the mailutils package used in mail actions like "mail-whois" can execute arbitrary commands if unescaped sequences (`\n~`) are available in "foreign" input (for instance in whois output). To exploit the vulnerability, an attacker would need to insert malicious characters into the response sent by the whois server, either via a man-in-the-middle (MITM) attack or by taking over a whois server.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2169	fail2ban	0.11.2-1	0.11.2-2	High	Fixed	FS#71524

References
https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844

Notes
Workaround ========== The way for users to fix or remediate the vulnerability without upgrading would be to avoid the usage of action mail-whois or to patch it manually.