Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ettercap ettercap vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2010-3843
The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings fi...
Ettercap-project Ettercap 0.7.3
6.8
CVSSv2
CVE-2010-3844
An unchecked sscanf() call in ettercap prior to 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.
Ettercap-project Ettercap 0.7.3
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.5
CVSSv2
CVE-2017-8366
The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter.
Ettercap Project Ettercap 0.8.2
4.3
CVSSv2
CVE-2017-6430
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted filter.
Ettercap-project Ettercap
7.5
CVSSv2
CVE-2014-6395
Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap prior to 0.8.1 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the...
Ettercap-project Ettercap
1 EDB exploit
7.5
CVSSv2
CVE-2014-6396
The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap prior to 0.8.1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memo...
Ettercap-project Ettercap
7.5
CVSSv2
CVE-2014-9379
The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overf...
Ettercap-project Ettercap 0.8.1
7.5
CVSSv2
CVE-2014-9376
Integer underflow in Ettercap 0.8.1 allows remote malicious users to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_g...
Ettercap-project Ettercap 0.8.1
7.5
CVSSv2
CVE-2014-9378
Ettercap 0.8.1 does not validate certain return values, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function in mdns_spoof/mdns_spoof.c or (2) base64 encoded password to the d...
Ettercap-project Ettercap 0.8.1
5
CVSSv2
CVE-2014-9381
Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote malicious users to cause a denial of service (crash) via a crafted password, which triggers a large memory allocation.
Ettercap-project Ettercap 0.8.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »