FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ettercap -- buffer overflow in target list parsing

Affected packages
ettercap < 0.7.4.1
0.7.5 <= ettercap < 0.7.5.2

Details

VuXML ID 1b9b199f-5efd-11e2-a1ee-c48508086173
Discovery 2013-01-07
Entry 2013-01-16

Host target list parsing routine in ettercap 0.7.4-series prior to 0.7.4.1 and 0.7.5-series is prone to the stack-based buffer overflow that may lead to the code execution with the privileges of the ettercap process.

In order to trigger this vulnerability, user or service that use ettercap should be tricked to pass the crafted list of targets via the "-j" option.

References

CVE Name CVE-2013-0722
URL http://www.exploit-db.com/exploits/23945/
URL https://secunia.com/advisories/51731/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.