Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2017-6430

Published: 15/03/2017 Updated: 26/02/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and previous versions allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted filter.

Vulnerable Product Search on Vulmon Subscribe to Product

ettercap-project ettercap

Vendor Advisories

Debian CVElist Bug Report Logs: ettercap: CVE-2017-8366
Debian Bug report logs - #861604 ettercap: CVE-2017-8366 Package: src:ettercap; Maintainer for src:ettercap is Barak A Pearlmutter <bap@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 1 May 2017 11:21:05 UTC Severity: important Tags: security, upstream Found in version ettercap/1:08 ...
Debian CVElist Bug Report Logs: ettercap: CVE-2017-6430: Out-of-bounds read in etterfilter utility
Debian Bug report logs - #857035 ettercap: CVE-2017-6430: Out-of-bounds read in etterfilter utility Package: src:ettercap; Maintainer for src:ettercap is Barak A Pearlmutter <bap@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 7 Mar 2017 12:15:01 UTC Severity: important Tags: patch, se ...
Debian Security Advisories: DSA-3874-1 ettercap -- security update
Agostino Sarubbo and AromalUllas discovered that ettercap, a network security tool for traffic interception, contains vulnerabilities that allowed an attacker able to provide maliciously crafted filters to cause a denial-of-service via application crash For the stable distribution (jessie), these problems have been fixed in version 1:081-3+deb8u ...
Arch Linux Issues:
The compile_tree function in ef_compilerc in the Etterfilter utility in Ettercap 082 and earlier allows attackers to cause a denial of service (out-of-bounds read) via a crafted filter ...

References

CWE-125https://github.com/LocutusOfBorg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506https://github.com/Ettercap/ettercap/issues/782http://www.securityfocus.com/bid/96582http://www.securitytracker.com/id/1038057http://www.debian.org/security/2017/dsa-3874http://www.securityfocus.com/archive/1/540223/100/0/threadedhttps://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861604https://www.debian.org/security/./dsa-3874
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scriptingCVE-2024-5158XML external entityCVE-2024-4262CVE-2024-2036CVE-2024-4985CVE-2024-21791remote attackersCVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook