Summary
| Detail | |||
|---|---|---|---|
| Vendor | Ettercap-Project | First view | 2013-01-11 |
| Product | Ettercap | Last view | 2017-03-15 |
| Version | 0.7.2 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:ettercap-project:ettercap | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2017-03-15 | CVE-2017-6430 | The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter. |
| 7.5 | 2014-12-19 | CVE-2014-6396 | The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location. |
| 7.5 | 2014-12-19 | CVE-2014-6395 | Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the actual length of the password. |
| 4.4 | 2013-01-11 | CVE-2013-0722 | Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 75% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 25% (1) | CWE-125 | Out-of-bounds Read |
ExploitDB Exploits
| id | Description |
|---|---|
| 35580 | Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2017-06-12 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3874.nasl - Type: ACT_GATHER_INFO |
| 2017-03-16 | Name: The remote Fedora host is missing a security update. File: fedora_2017-2258cfb450.nasl - Type: ACT_GATHER_INFO |
| 2017-03-15 | Name: The remote Fedora host is missing a security update. File: fedora_2017-06365bdcfd.nasl - Type: ACT_GATHER_INFO |
| 2015-05-14 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201505-01.nasl - Type: ACT_GATHER_INFO |
| 2015-03-27 | Name: The remote Fedora host is missing a security update. File: fedora_2015-3984.nasl - Type: ACT_GATHER_INFO |
| 2015-03-27 | Name: The remote Fedora host is missing a security update. File: fedora_2015-4020.nasl - Type: ACT_GATHER_INFO |
| 2015-03-23 | Name: The remote Fedora host is missing a security update. File: fedora_2015-4009.nasl - Type: ACT_GATHER_INFO |
| 2015-01-05 | Name: The remote Fedora host is missing a security update. File: fedora_2014-17090.nasl - Type: ACT_GATHER_INFO |
| 2015-01-05 | Name: The remote Fedora host is missing a security update. File: fedora_2014-17107.nasl - Type: ACT_GATHER_INFO |
| 2015-01-05 | Name: The remote Fedora host is missing a security update. File: fedora_2014-17210.nasl - Type: ACT_GATHER_INFO |
| 2014-05-19 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201405-12.nasl - Type: ACT_GATHER_INFO |
| 2013-02-04 | Name: The remote Fedora host is missing a security update. File: fedora_2013-0894.nasl - Type: ACT_GATHER_INFO |
| 2013-02-04 | Name: The remote Fedora host is missing a security update. File: fedora_2013-0899.nasl - Type: ACT_GATHER_INFO |
| 2013-02-04 | Name: The remote Fedora host is missing a security update. File: fedora_2013-1421.nasl - Type: ACT_GATHER_INFO |
| 2013-01-17 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_1b9b199f5efd11e2a1eec48508086173.nasl - Type: ACT_GATHER_INFO |
