Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ettercap-project ettercap vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-8366
The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter.
Ettercap Project Ettercap 0.8.2
8.8
CVSSv3
CVE-2010-3844
An unchecked sscanf() call in ettercap prior to 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.
Ettercap-project Ettercap 0.7.3
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
7.8
CVSSv3
CVE-2010-3843
The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings fi...
Ettercap-project Ettercap 0.7.3
5.5
CVSSv3
CVE-2017-6430
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted filter.
Ettercap-project Ettercap
NA
CVE-2014-6396
The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap prior to 0.8.1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memo...
Ettercap-project Ettercap
NA
CVE-2014-6395
Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap prior to 0.8.1 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the...
Ettercap-project Ettercap
1 EDB exploit
NA
CVE-2014-9377
Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a large netbios packet.
Ettercap-project Ettercap 0.8.1
NA
CVE-2014-9378
Ettercap 0.8.1 does not validate certain return values, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function in mdns_spoof/mdns_spoof.c or (2) base64 encoded password to the d...
Ettercap-project Ettercap 0.8.1
NA
CVE-2014-9376
Integer underflow in Ettercap 0.8.1 allows remote malicious users to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_g...
Ettercap-project Ettercap 0.8.1
NA
CVE-2014-9379
The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overf...
Ettercap-project Ettercap 0.8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »