Multiple vulnerabilities in ettercap.sourceforge.net Ettercap
| Risk | Medium |
| Patch available | NO |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2014-9381 CVE-2014-9380 CVE-2014-9379 CVE-2014-9378 CVE-2014-9376 CVE-2014-9377 |
| CWE-ID | CWE-20 CWE-119 CWE-121 CWE-122 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Ettercap Other software / Other software solutions |
| Vendor | ettercap.sourceforge.net |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU40994
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-9381
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (crash) via a crafted password, which triggers a large memory allocation.
MitigationInstall update from vendor's website.
Vulnerable software versionsEttercap: 0.8.1
External linkshttp://www.securityfocus.com/archive/1/534248/100/0/threaded
http://www.securityfocus.com/bid/71693
http://github.com/Ettercap/ettercap/pull/609
http://security.gentoo.org/glsa/201505-01
http://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Buffer overflow
EUVDB-ID: #VU40995
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-9380
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature.
MitigationInstall update from vendor's website.
Vulnerable software versionsEttercap: 0.8.1
External linkshttp://www.securityfocus.com/archive/1/534248/100/0/threaded
http://www.securityfocus.com/bid/71691
http://github.com/Ettercap/ettercap/pull/608
http://security.gentoo.org/glsa/201505-01
http://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Stack-based buffer overflow
EUVDB-ID: #VU40996
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2014-9379
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the radius_get_attribute function in dissectors/ec_radius.c when processing unspecified vectors, which triggers a stack-based buffer overflow. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsEttercap: 0.8.1
External linkshttp://www.securityfocus.com/archive/1/534248/100/0/threaded
http://www.securityfocus.com/bid/71698
http://github.com/Ettercap/ettercap/pull/607
http://security.gentoo.org/glsa/201505-01
http://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU40997
Risk: Medium
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2014-9378
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function in mdns_spoof/mdns_spoof.c or (2) base64 encoded password to the dissector_imap function in dissectors/ec_imap.c.
MitigationInstall update from vendor's website.
Vulnerable software versionsEttercap: 0.8.1
External linkshttp://www.securityfocus.com/archive/1/534248/100/0/threaded
http://www.securityfocus.com/bid/71695
http://github.com/Ettercap/ettercap/pull/604
http://github.com/Ettercap/ettercap/pull/610
http://security.gentoo.org/glsa/201505-01
http://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU40998
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2014-9376
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_gg function in dissectors/ec_gg.c, or (3) string length to the get_decode_len function in ec_utils.c or a request without a (4) username or (5) password to the dissector_TN3270 function in dissectors/ec_TN3270.c.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsEttercap: 0.8.1
External linkshttp://www.securityfocus.com/archive/1/534248/100/0/threaded
http://www.securityfocus.com/bid/71696
http://github.com/Ettercap/ettercap/pull/602
http://github.com/Ettercap/ettercap/pull/605
http://github.com/Ettercap/ettercap/pull/606
http://github.com/Ettercap/ettercap/pull/609
http://security.gentoo.org/glsa/201505-01
http://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Heap-based buffer overflow
EUVDB-ID: #VU40999
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:C]
CVE-ID: CVE-2014-9377
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1. A remote attacker can use a large netbios packet. to trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsEttercap: 0.8.1
External linkshttp://www.securityfocus.com/archive/1/534248/100/0/threaded
http://www.securityfocus.com/bid/71690
http://github.com/Ettercap/ettercap/pull/603
http://security.gentoo.org/glsa/201505-01
http://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
