Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31528
HistoryDec 22, 2014 - 12:00 a.m.

"Ettercap 8.0 - 8.1" multiple vulnerabilities

2014-12-2200:00:00
vulners.com
26
JSON

"Ettercap 8.0 - 8.1" multiple vulnerabilities

Description

Twelve vulnerabilities exist on ettercap-ng which allow remote denial of
service and possible remote code execution. Specifically, the following
vulnerabilities were identified:

  • A Length Parameter Inconsistency at ettercap 8.0 dissector_postgresql()
    which may lead to remote code execution or denial of service.
  • An arbitary write of zero in to any location at ettercap 8.0
    dissector_postgresql
  • A negative index/underflow at ettercap 8.1 dissector_dhcp() which may lead
    to denial of service
  • A heap overflow at ettercap 8.1 nbns_spoof() plugin which may lead to
    remote code execution or denial of service.
  • An unchecked return value at ettercap 8.1 mdns_spoof() plugin which may
    lead to remote denial of service.
  • A negative index/underflow at ettercap 8.1 dissector_TN3270
  • A negative index/underflow at ettercap 8.1 dissector_gg
  • A negative index/underflow at ettercap 8.1 get_decode_len()
  • An incorrect cast at ettercap 8.1 dissector_radius which may lead to
    remote code execution or denial of service.
  • A buffer over-read at ettercap 8.1 dissector_cvs which may lead to denial
    of service
  • A signedness error at ettercap 8.1 dissector_cvs
  • An unchecked return value at ettercap 8.1 dissector_imap which may lead to
    denial of service

Researcher

Nick Sampanis (n.sampanis[a t]obrela[do t]com)

Vulnerabilities

Length Parameter Inconsistency CVE-2014-6395
Arbitary write CVE-2014-6396
Negative index/underflow CVE-2014-9376
Heap overflow CVE-2014-9377
Unchecked return value CVE-2014-9378
Incorrect cast CVE-2014-9379
Buffer over-read CVE-2014-9380
Signedness error CVE-2014-9381

Bugs and fixes submit date

10/09/2014 and 03/11/2014

Solution - fix & patch

Download the latest ettercap. Download the respective commits from github.
Soon a new version will be released but at the time there is no patched
version.

https://github.com/NickSampanis/ettercap/commit/e3abe7d7585ecc420a7cab733132
16613aadad5a
https://github.com/NickSampanis/ettercap/commit/103f16582ee88341a6a610378011
781cdc866b0c
https://github.com/NickSampanis/ettercap/commit/3f0c582826095c722ab6fbf91518
282a765a0b68
https://github.com/NickSampanis/ettercap/commit/cb7b2028dc03c628aa0a1a5130ca
41421ddebcb2
https://github.com/NickSampanis/ettercap/commit/edd337d5d4f37ab8e330c5e06734
4dd5b3f10435
https://github.com/NickSampanis/ettercap/commit/37dcfdf79e1ac6dcacd565894cd7
717aa0224164
https://github.com/NickSampanis/ettercap/commit/c2a3c99af956146570d7883e4b54
0b9d0c0a3c46
https://github.com/NickSampanis/ettercap/commit/6b196e011fa456499ed4650a3609
61a2f1323818
https://github.com/NickSampanis/ettercap/commit/31b937298c8067e6b0c3217c95ed
ceb983dfc4a2
https://github.com/NickSampanis/ettercap/commit/9e9fdc7ed1ee8eba01a5a05e000b
6c55d2a70923

Reference:

https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/

Related

fedora 6
securityvulns 1
openvas 7
nessus 8
mageia 1
gentoo 1
archlinux 2
exploitpack 1
packetstorm 1
exploitdb 1
debian 1
osv 1
debiancve 8
ubuntucve 8
cve 8
prion 8
zdt 1
fedora
fedora
[SECURITY] Fedora 22 Update: ettercap-0.8.2-1.fc22
2015-03-21 04:53:22
[SECURITY] Fedora 21 Update: ettercap-0.8.2-1.fc21
2015-03-26 21:49:42
[SECURITY] Fedora 20 Update: ettercap-0.8.2-1.fc20
2015-03-26 21:26:45
securityvulns
securityvulns
ettercap multiple security vulnerabilities
2014-12-22 00:00:00
openvas
openvas
Fedora Update for ettercap FEDORA-2015-4009
2015-07-07 00:00:00
Fedora Update for ettercap FEDORA-2014-17210
2015-01-05 00:00:00
Fedora Update for ettercap FEDORA-2015-3984
2015-03-27 00:00:00
nessus
nessus
Fedora 22 : ettercap-0.8.2-1.fc22 (2015-4009)
2015-03-23 00:00:00
Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)
2015-01-05 00:00:00
Fedora 21 : ettercap-0.8.1-2.fc21 (2014-17090)
2015-01-05 00:00:00
mageia
mageia
Updated ettercap packages fix security vulnerabilities
2015-01-07 19:32:10
gentoo
gentoo
Ettercap: Multiple vulnerabilities
2015-05-13 00:00:00
archlinux
archlinux
ettercap: multiple issues
2015-03-17 00:00:00
ettercap-gtk: multiple issues
2015-03-17 00:00:00
exploitpack
exploitpack
Ettercap 0.8.0 0.8.1 - Multiple Denial of Service Vulnerabilities
2014-12-19 00:00:00
packetstorm
packetstorm
Ettercap 0.8.0 / 0.8.1 Denial Of Service
2014-12-20 00:00:00
exploitdb
exploitdb
Ettercap 0.8.0 < 0.8.1 - Multiple Denial of Service Vulnerabilities
2014-12-19 00:00:00
debian
debian
[SECURITY] [DLA 126-1] ettercap security update
2014-12-29 21:26:51
osv
osv
ettercap - security update
2014-12-29 00:00:00
debiancve
debiancve
CVE-2014-9378
2014-12-19 15:59:00
CVE-2014-9379
2014-12-19 15:59:00
CVE-2014-9377
2014-12-19 15:59:00
ubuntucve
ubuntucve
CVE-2014-9376
2014-12-19 00:00:00
CVE-2014-9378
2014-12-19 00:00:00
CVE-2014-9379
2014-12-19 00:00:00
cve
cve
CVE-2014-9378
2014-12-19 15:59:00
CVE-2014-9377
2014-12-19 15:59:00
CVE-2014-9376
2014-12-19 15:59:00
prion
prion
Default credentials
2014-12-19 15:59:00
Integer overflow
2014-12-19 15:59:00
Integer overflow
2014-12-19 15:59:00
zdt
zdt
Ettercap 0.8.0 / 0.8.1 Denial Of Service Exploit
2014-12-21 00:00:00
JSON
Related for SECURITYVULNS:DOC:31528
fedora6securityvulns1openvas7nessus8mageia1gentoo1archlinux2exploitpack1packetstorm1exploitdb1debian1osv1debiancve8ubuntucve8cve8prion8zdt1