Vulnerabilites related to ettercap - ettercap
cve-2002-0276
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:42
Severity ?
EPSS score ?
Summary
Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=101370874219511&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/4104 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/8200.php | vdb-entry, x_refsource_XF | |
| http://ettercap.sourceforge.net/index.php?s=history | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T02:42:28.556Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20020213 [NGSEC-2002-1] Ettercap, remote root compromise", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=101370874219511&w=2", }, { name: "4104", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/4104", }, { name: "ettercap-memcpy-bo(8200)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "http://www.iss.net/security_center/static/8200.php", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://ettercap.sourceforge.net/index.php?s=history", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2002-02-13T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2003-03-20T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20020213 [NGSEC-2002-1] Ettercap, remote root compromise", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://marc.info/?l=bugtraq&m=101370874219511&w=2", }, { name: "4104", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/4104", }, { name: "ettercap-memcpy-bo(8200)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "http://www.iss.net/security_center/static/8200.php", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://ettercap.sourceforge.net/index.php?s=history", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2002-0276", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20020213 [NGSEC-2002-1] Ettercap, remote root compromise", refsource: "BUGTRAQ", url: "http://marc.info/?l=bugtraq&m=101370874219511&w=2", }, { name: "4104", refsource: "BID", url: "http://www.securityfocus.com/bid/4104", }, { name: "ettercap-memcpy-bo(8200)", refsource: "XF", url: "http://www.iss.net/security_center/static/8200.php", }, { name: "http://ettercap.sourceforge.net/index.php?s=history", refsource: "CONFIRM", url: "http://ettercap.sourceforge.net/index.php?s=history", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2002-0276", datePublished: "2003-04-02T05:00:00", dateReserved: "2002-05-01T00:00:00", dateUpdated: "2024-08-08T02:42:28.556Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-1796
Vulnerability from cvelistv5
Published
2005-06-01 04:00
Modified
2024-08-07 22:06
Severity ?
EPSS score ?
Summary
Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1014084 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/15535 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.debian.org/security/2005/dsa-749 | vendor-advisory, x_refsource_DEBIAN | |
| http://secunia.com/advisories/15664 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2005/0670 | vdb-entry, x_refsource_VUPEN | |
| http://ettercap.sourceforge.net/history.php | x_refsource_CONFIRM | |
| http://www.gentoo.org/security/en/glsa/glsa-200506-07.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.securityfocus.com/bid/13820 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/16000 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T22:06:56.577Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1014084", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1014084", }, { name: "15535", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/15535", }, { name: "DSA-749", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2005/dsa-749", }, { name: "15664", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/15664", }, { name: "ADV-2005-0670", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/0670", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://ettercap.sourceforge.net/history.php", }, { name: "GLSA-200506-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200506-07.xml", }, { name: "13820", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/13820", }, { name: "16000", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/16000", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-05-31T00:00:00", descriptions: [ { lang: "en", value: "Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2005-06-04T09:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1014084", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1014084", }, { name: "15535", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/15535", }, { name: "DSA-749", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2005/dsa-749", }, { name: "15664", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/15664", }, { name: "ADV-2005-0670", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/0670", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://ettercap.sourceforge.net/history.php", }, { name: "GLSA-200506-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200506-07.xml", }, { name: "13820", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/13820", }, { name: "16000", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/16000", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-1796", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1014084", refsource: "SECTRACK", url: "http://securitytracker.com/id?1014084", }, { name: "15535", refsource: "SECUNIA", url: "http://secunia.com/advisories/15535", }, { name: "DSA-749", refsource: "DEBIAN", url: "http://www.debian.org/security/2005/dsa-749", }, { name: "15664", refsource: "SECUNIA", url: "http://secunia.com/advisories/15664", }, { name: "ADV-2005-0670", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/0670", }, { name: "http://ettercap.sourceforge.net/history.php", refsource: "CONFIRM", url: "http://ettercap.sourceforge.net/history.php", }, { name: "GLSA-200506-07", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200506-07.xml", }, { name: "13820", refsource: "BID", url: "http://www.securityfocus.com/bid/13820", }, { name: "16000", refsource: "SECUNIA", url: "http://secunia.com/advisories/16000", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-1796", datePublished: "2005-06-01T04:00:00", dateReserved: "2005-06-01T00:00:00", dateUpdated: "2024-08-07T22:06:56.577Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-3844
Vulnerability from cvelistv5
Published
2019-11-12 21:47
Modified
2024-08-07 03:26
Severity ?
EPSS score ?
Summary
An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security-tracker.debian.org/tracker/CVE-2010-3844 | x_refsource_MISC | |
| https://access.redhat.com/security/cve/cve-2010-3844 | x_refsource_MISC | |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600130 | x_refsource_MISC | |
| https://github.com/Ettercap/ettercap/commit/4ef3ede30181eca9add74305ad26dbcb0c3686a0 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:26:11.497Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2010-3844", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2010-3844", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600130", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/Ettercap/ettercap/commit/4ef3ede30181eca9add74305ad26dbcb0c3686a0", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "ettercap", vendor: "ettercap", versions: [ { status: "affected", version: "0.7.3", }, ], }, ], descriptions: [ { lang: "en", value: "An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.", }, ], problemTypes: [ { descriptions: [ { description: "Buffer Overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-18T20:11:02", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://security-tracker.debian.org/tracker/CVE-2010-3844", }, { tags: [ "x_refsource_MISC", ], url: "https://access.redhat.com/security/cve/cve-2010-3844", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600130", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/Ettercap/ettercap/commit/4ef3ede30181eca9add74305ad26dbcb0c3686a0", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-3844", datePublished: "2019-11-12T21:47:08", dateReserved: "2010-10-08T00:00:00", dateUpdated: "2024-08-07T03:26:11.497Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2005-05-31 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ettercap | ettercap | * | |
| debian | debian_linux | 3.0 | |
| debian | debian_linux | 3.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ettercap:ettercap:*:*:*:*:*:*:*:*", matchCriteriaId: "BD8481EB-4660-4A60-927C-3E92CB926E2D", versionEndExcluding: "0.7.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", matchCriteriaId: "2CAE037F-111C-4A76-8FFE-716B74D65EF3", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", matchCriteriaId: "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.", }, ], id: "CVE-2005-1796", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-05-31T04:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://ettercap.sourceforge.net/history.php", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/15535", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/15664", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/16000", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://securitytracker.com/id?1014084", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2005/dsa-749", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200506-07.xml", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/13820", }, { source: "cve@mitre.org", tags: [ "Permissions Required", ], url: "http://www.vupen.com/english/advisories/2005/0670", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://ettercap.sourceforge.net/history.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/15535", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/15664", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/16000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://securitytracker.com/id?1014084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2005/dsa-749", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200506-07.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/13820", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Permissions Required", ], url: "http://www.vupen.com/english/advisories/2005/0670", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2002-05-31 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ettercap:ettercap:0.6.3.1:*:*:*:*:*:*:*", matchCriteriaId: "1196273E-30DC-437B-9677-BDA19A03616A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.", }, { lang: "es", value: "Desbordamiento de búfer en varios decodificadores en Ettercap 0.6.3.1 y anteriores, cuando corren en redes con una MTU (maximun transfer unit) mayor de 2000, permite a atacantes remotos ejecutar código arbitrario mediante paquetes largos.", }, ], id: "CVE-2002-0276", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2002-05-31T04:00:00.000", references: [ { source: "cve@mitre.org", url: "http://ettercap.sourceforge.net/index.php?s=history", }, { source: "cve@mitre.org", url: "http://marc.info/?l=bugtraq&m=101370874219511&w=2", }, { source: "cve@mitre.org", url: "http://www.iss.net/security_center/static/8200.php", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/4104", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://ettercap.sourceforge.net/index.php?s=history", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=101370874219511&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.iss.net/security_center/static/8200.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/4104", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }