CSF 2.67 - LF_HTACCESS insecure regexp
DESCRIPTION
See issue 04 above for a complete explanation of this issue. The regexp for this issue looks similar to the following:
    if ( $log_line =~ /\[client (.*)\] user .*: authentication failure/ ) {
        return ( 'Unsuccessful http auth login from', $1, 'htpasswd' );
    }
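The following is an added example, not code from CSF or from the original advisory. It runs the pattern above next to a stricter variant on two constructed log lines, to show that the greedy `(.*)` capture can return text that is not an address, while a constrained capture returns only the address. The sub names, the sample lines, the Apache 2.2-style `[date] [error]` line prefix and the IPv4-only restriction are assumptions made for the illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# One IPv4 octet (0-255) and a full dotted quad.
my $octet = qr/(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)/;
my $ipv4  = qr/$octet(?:\.$octet){3}/;

# The pattern shown on the page: greedy, unanchored, capture accepts anything.
sub loose_match {
    my ($log_line) = @_;
    return $log_line =~ /\[client (.*)\] user .*: authentication failure/
        ? $1 : undef;
}

# Hardened form (illustrative): anchored to the assumed line prefix, and the
# capture can only be a dotted quad followed directly by the closing bracket.
sub strict_match {
    my ($log_line) = @_;
    return $log_line =~
        /^\[[^\]]+\] \[error\] \[client ($ipv4)\] user .*: authentication failure/
        ? $1 : undef;
}

# Constructed sample lines (not taken from a real log). The second one has
# bracket text inside the user name field, which the client controls.
my @lines = (
    '[Wed Oct 11 14:32:52 2006] [error] [client 192.0.2.10] user bob: '
      . 'authentication failure for "/private": Password Mismatch',
    '[Wed Oct 11 14:33:07 2006] [error] [client 192.0.2.10] user x] user y: '
      . 'authentication failure for "/private": Password Mismatch',
);

for my $line (@lines) {
    my $loose  = loose_match($line);
    my $strict = strict_match($line);
    printf "loose=<%s> strict=<%s>\n",
        defined $loose  ? $loose  : 'no match',
        defined $strict ? $strict : 'no match';
}
```

Whatever value is captured should also be validated as an address again at the point where it is used, so that a later regexp change cannot reintroduce the problem.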
IMPACT
Remote, unauthenticated command execution as root. LF_HTACCESS is disabled by default.
This bug was not reported because it was not discovered until after it had been fixed. I believe this bug was fixed in the release that followed 2.76 as a result of reporting issue #08 (remotely block any IP address, pure-ftpd regexp).