Search CVE reports


Toggle filters

1 – 10 of 14 results


CVE-2010-3843

Low priority
Ignored

The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked...

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Not affected Not affected
Show less packages

CVE-2010-3844

Low priority
Ignored

An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Not affected Not affected
Show less packages

CVE-2017-8366

Medium priority

Some fixes available 4 of 5

The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that...

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Fixed
Show less packages

CVE-2017-6430

Medium priority

Some fixes available 4 of 5

The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter.

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Fixed
Show less packages

CVE-2014-9381

Medium priority
Ignored

Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (crash) via a crafted password, which triggers a large memory allocation.

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Not affected Not affected
Show less packages

CVE-2014-9380

Medium priority
Ignored

The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature.

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Not affected Not affected
Show less packages

CVE-2014-9379

Medium priority
Ignored

The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified...

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Not affected Not affected
Show less packages

CVE-2014-9378

Medium priority
Ignored

Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function...

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Not affected Not affected
Show less packages

CVE-2014-9377

Medium priority
Ignored

Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a large netbios packet.

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Not affected Not affected
Show less packages

CVE-2014-9376

Medium priority
Ignored

Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function...

1 affected package

ettercap

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ettercap Not affected Not affected
Show less packages