ID CVE-2005-1796
Summary Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.
References
Vulnerable Configurations
  • cpe:2.3:a:ettercap:ettercap:0.7.2
    cpe:2.3:a:ettercap:ettercap:0.7.2
CVSS
Base: 7.5 (as of 01-06-2005 - 16:15)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-749.NASL
    description A vulnerability was discovered in the ettercap package which could allow a remote attacker to execute arbitrary code on the system running ettercap. The old stable distribution (woody) did not include ettercap.
    last seen 2019-01-16
    modified 2018-08-09
    plugin id 18664
    published 2005-07-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18664
    title Debian DSA-749-1 : ettercap - format string error
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-773.NASL
    description This advisory adds security support for the stable amd64 distribution. It covers all security updates since the release of sarge, which were missing updated packages for the not yet official amd64 port. Future security advisories will include updates for this port as well.
    last seen 2019-01-16
    modified 2018-08-09
    plugin id 57528
    published 2012-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=57528
    title Debian DSA-773-1 : amd64 - several vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200506-07.NASL
    description The remote host is affected by the vulnerability described in GLSA-200506-07 (Ettercap: Format string vulnerability) The curses_msg function of Ettercap's Ncurses-based user interface insecurely implements formatted printing. Impact : A remote attacker could craft a malicious network flow that would result in executing arbitrary code with the rights of the user running the Ettercap tool, which is often root. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-08-10
    plugin id 18464
    published 2005-06-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18464
    title GLSA-200506-07 : Ettercap: Format string vulnerability
refmap via4
bid 13820
confirm http://ettercap.sourceforge.net/history.php
debian DSA-749
gentoo GLSA-200506-07
sectrack 1014084
secunia
  • 15535
  • 15664
  • 16000
vupen ADV-2005-0670
Last major update 07-03-2011 - 21:22
Published 31-05-2005 - 00:00
Back to Top