Executive Summary

Informations
NameCVE-2017-8366First vendor Publication2017-04-30
VendorCveLast vendor Modification2017-11-03

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score7.5Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8366

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

Nessus® Vulnerability Scanner

DateDescription
2017-07-17Name : The remote Fedora host is missing a security update.
File : fedora_2017-988ee3e365.nasl - Type : ACT_GATHER_INFO
2017-06-16Name : The remote Fedora host is missing a security update.
File : fedora_2017-36c7e7ef06.nasl - Type : ACT_GATHER_INFO
2017-06-16Name : The remote Fedora host is missing a security update.
File : fedora_2017-8722576148.nasl - Type : ACT_GATHER_INFO
2017-06-12Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3874.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
DEBIAN http://www.debian.org/security/2017/dsa-3874
MISC https://blogs.gentoo.org/ago/2017/04/29/ettercap-etterfilter-heap-based-buffe...

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2017-11-04 09:24:01
  • Multiple Updates
2017-07-18 13:24:51
  • Multiple Updates
2017-06-17 13:23:43
  • Multiple Updates
2017-06-13 13:25:21
  • Multiple Updates
2017-05-11 00:22:46
  • Multiple Updates
2017-05-01 00:24:12
  • First insertion