Your submission was sent successfully! Close

CVE-2017-8366

Published: 30 April 2017

The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
ettercap
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was needs-triage)
trusty Does not exist
(trusty was released [1:0.8.0-11ubuntu0.3])
upstream
Released
xenial
Released (1:0.8.2-2ubuntu1.16.04.1)
yakkety
Released (1:0.8.2-2ubuntu1.16.10.1)
zesty
Released (1:0.8.2-4ubuntu1.17.04.1)