Commit Graph

3735 Commits (0.9)
 

Author SHA1 Message Date
sebres 2ed414ed09 fixed possible RCE vulnerability, unset escape variable (default tilde) stops consider "~" char after new-line as composing escape sequence
3 years ago
sebres 5430091acb jail `counter-strike`: removed link to site with redirect to malicious page (gh-2868)
4 years ago
Sergey G. Brester b1e1cab4b7
Merge pull request #2246 from shaneforsythe/shaneforsythe-patch-2
5 years ago
sebres 83f626c4aa (grave) closes gh-2431: replace newlines in message from systemd journal (otherwise multi-line parsing is broken, because removal of matched string from multi-line buffer window is confused by extra new-lines, so they are retained and got matched on every followed message).
6 years ago
Sergey G. Brester 7a463eb3f7
closes gh-2395: safe conversion of `SYSLOG_PID` or `_PID` (if journal entry contains a string instead of numeric)
6 years ago
Sergey G. Brester 7a7a905ab2
0.9 - Merge pull request #2339 from cFire/master
6 years ago
sebres f3cea45d2a Merge pull request #2290 from james-choncholas/0.11 (rebased)
6 years ago
sebres 1a9527e6a4 fixed catch-all on user (and simplifying)
6 years ago
jim a7f3ba87f6 filter.d/sogo-auth.conf: fixes gh-2289 - matching auth-failures when behind a proxy;
6 years ago
Sergey G. Brester 5c44ca714f
Merge pull request #2317 from Yannik/patch-2
6 years ago
Cool Fire 27526e431b Changes static logfile string to variable
6 years ago
Cool Fire b31a018e7c Add override for dovecot failed logins on debian
6 years ago
Yannik Sembritzki 547504873e
Add test case for new asterisk pjsip log syntax which includes the port
6 years ago
Yannik Sembritzki 6b4404b1bc
Fix asterisk filter not catching attackers when port is logged (Fixes #2316)
6 years ago
Sergey G. Brester 189c3f964b
Merge pull request #2276 from dienteperro/patch-1
6 years ago
dienteperro 0df221b54b
"be" instead of "me" in shorewall.conf
6 years ago
Shane Forsythe 8614ca8c41
Update proftpd.conf
6 years ago
cheese1 43db4411de small typo
7 years ago
Sergey G. Brester 088192ea9f
Merge pull request #1960 from comradekingu/patch-1
7 years ago
Sergey G. Brester 9710c8c996
minor fix with reindent
7 years ago
Allan Nordhøy d7e320b96d
reverting linux indentation
7 years ago
Sergey G. Brester 37f5a6975e
Merge pull request #2015 from BenediktSeidl/nginx-http-auth--spaces-fix
7 years ago
sebres 63e906b2c1 regex rewritten: a bit fewer vulnerable now and using non-capturing groups, test-cases extended in order to cover trying of injection on user name
7 years ago
Benedikt Seidl fed6c49c2d nginx-http-auth: match usernames with spaces
7 years ago
Sergey G. Brester 9a8c4a9869
Merge pull request #2018 from riceru/patch-1
7 years ago
Sergey G. Brester b6c6565a7e
regex updated using non-capturing groups
7 years ago
Sergey G. Brester 9a46590486
extended test-cases to cover new log-format (http_auth -> mod_auth)
7 years ago
riceru 6a1bbbf101
Update lighttpd-auth.conf
7 years ago
Serg G. Brester 7e05976ead
action.d/hostsdeny.conf: actionunban rewritten using sed, also dots in IP were escaped now.
7 years ago
sebres 314e402fe0 filter.d/sendmail-auth.conf - extended daemon for Fedora 24/RHEL - the daemon name is "sendmail" (gh-1632)
7 years ago
Serg G. Brester 029cd5aa24
Update ChangeLog
7 years ago
Serg G. Brester 597a27576e
Merge pull request #1908 from GetPageSpeed/firewallcmd-ipset-allports
7 years ago
sebres 131b94e11e firewallcmd-ipset-allports: implemented in `action.d/firewallcmd-ipset.conf` now (`action.d/firewallcmd-ipset-allports.conf` removed), usage:
7 years ago
Danila Vershinin c190631f88 New ban action firewallcmd-ipset-allports. Closes #1167
7 years ago
sebres 3d9a112c8f cherry-pick newer version of extractOptions, in order to avoid large discrepancy between 0.10 and 0.9 config-parsers:
7 years ago
Serg G. Brester 82f8bd8639
Merge pull request #2011 from Yannik/patch-1
7 years ago
Serg G. Brester f7e2d3610b
Update ChangeLog
7 years ago
Serg G. Brester a1d1498561
Restore log-entries not affected by #2011
7 years ago
Yannik Sembritzki aab54bb0dd
don't replace normal test case with specialized test case
7 years ago
Yannik Sembritzki 94f0b15c32
Allow faster parsing of hosts without ' characters in them
7 years ago
Yannik Sembritzki eaf5e88692
replace actual offenders ip with 1.2.3.4
7 years ago
Yannik Sembritzki 184202c6aa
remove duplicate testcase
7 years ago
Yannik Sembritzki a53ee46ad4
add test for asterisk pjsip attack with quote in username
7 years ago
Yannik Sembritzki b28dfb965a
Fix filter not catching asterisk requests with quote character in username (fixes #2010)
7 years ago
Serg G. Brester f96761927d
Merge pull request #1969 from RaidForums/patch-1
7 years ago
Kevin Maradona 6c705d572b filter.d/nginx-limit-req.conf: nginx limit-req log-level can be set to warn or error therefore having this regex will include both of them.
7 years ago
Serg G. Brester f834e7826d
Merge pull request #1979 from peternowee/fix-exim-lowercase-auth
7 years ago
Peter Nowee e4bbaf3d58
Update ChangeLog
7 years ago
Serg G. Brester cbd63d9cd5
added test to cover quoted injecting on AUTH command
7 years ago
Serg G. Brester 4f63180611
Avoid injection using quotes after `auth` command;
7 years ago