Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ettercap-project ettercap vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2013-0722
Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and previous versions might allow local users to gain privileges via a Trojan horse hosts list containing a long line.
Ettercap-project Ettercap 0.7.3
Ettercap-project Ettercap 0.7.2
Ettercap-project Ettercap 0.7.4.1
Ettercap-project Ettercap 0.7.4
Ettercap-project Ettercap
Ettercap-project Ettercap 0.7.5
Ettercap-project Ettercap 0.6.3.1
1 EDB exploit
7.5
CVSSv2
CVE-2014-6395
Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap prior to 0.8.1 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the...
Ettercap-project Ettercap
1 EDB exploit
7.5
CVSSv2
CVE-2014-6396
The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap prior to 0.8.1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memo...
Ettercap-project Ettercap
4.3
CVSSv2
CVE-2017-6430
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted filter.
Ettercap-project Ettercap
7.5
CVSSv2
CVE-2017-8366
The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter.
Ettercap Project Ettercap 0.8.2
4.6
CVSSv2
CVE-2010-3843
The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings fi...
Ettercap-project Ettercap 0.7.3
7.5
CVSSv2
CVE-2014-9378
Ettercap 0.8.1 does not validate certain return values, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function in mdns_spoof/mdns_spoof.c or (2) base64 encoded password to the d...
Ettercap-project Ettercap 0.8.1
7.5
CVSSv2
CVE-2014-9376
Integer underflow in Ettercap 0.8.1 allows remote malicious users to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_g...
Ettercap-project Ettercap 0.8.1
7.5
CVSSv2
CVE-2014-9377
Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a large netbios packet.
Ettercap-project Ettercap 0.8.1
7.5
CVSSv2
CVE-2014-9379
The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overf...
Ettercap-project Ettercap 0.8.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »