Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ettercap ettercap vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2010-3843
The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings fi...
Ettercap-project Ettercap 0.7.3
8.8
CVSSv3
CVE-2010-3844
An unchecked sscanf() call in ettercap prior to 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.
Ettercap-project Ettercap 0.7.3
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2017-8366
The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted filter that is mishandled by etterfilter.
Ettercap Project Ettercap 0.8.2
5.5
CVSSv3
CVE-2017-6430
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted filter.
Ettercap-project Ettercap
NA
CVE-2014-6396
The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap prior to 0.8.1 allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memo...
Ettercap-project Ettercap
NA
CVE-2014-6395
Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap prior to 0.8.1 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the...
Ettercap-project Ettercap
1 EDB exploit
NA
CVE-2014-9380
The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote malicious users to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature.
Ettercap-project Ettercap 0.8.1
NA
CVE-2014-9376
Integer underflow in Ettercap 0.8.1 allows remote malicious users to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_g...
Ettercap-project Ettercap 0.8.1
NA
CVE-2014-9377
Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a large netbios packet.
Ettercap-project Ettercap 0.8.1
NA
CVE-2014-9378
Ettercap 0.8.1 does not validate certain return values, which allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function in mdns_spoof/mdns_spoof.c or (2) base64 encoded password to the d...
Ettercap-project Ettercap 0.8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »