Your submission was sent successfully! Close

CVE-2014-9379

Published: 19 December 2014

The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overflow.

Priority

Medium

Status

Package Release Status
ettercap
Launchpad, Ubuntu, Debian
Upstream
Released (1:0.8.1-3)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(1:0.8.1-3)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(1:0.8.1-3)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was needed)