CVE-2017-6430

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-6430
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6430.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-6430
Downstream
Related
Published
2017-03-15T15:59:01Z
Modified
2025-11-06T00:59:36.659057Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The compiletree function in efcompiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter.

References

Affected packages

Git / github.com/ettercap/ettercap

Affected ranges

Type
GIT
Repo
https://github.com/ettercap/ettercap
Events
Introduced
0 Unknown introduced commit / All previous commits are affected

Git / github.com/locutusofborg/ettercap

Affected ranges

Type
GIT
Repo
https://github.com/locutusofborg/ettercap
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
626dc56686f15f2dda13c48f78c2a666cb6d8506

Affected versions

upstream/0.*

upstream/0.7.5
upstream/0.7.5.1
upstream/0.7.5.2
upstream/0.7.5.3
upstream/0.7.6
upstream/0.8.0
upstream/0.8.0+git20140910
upstream/0.8.1

v0.*

v0.7.5
v0.7.5.1
v0.7.5.2
v0.7.5.3
v0.7.6
v0.8.0
v0.8.1
v0.8.2

version_0.*

version_0.7.4
version_0.7.4.1

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "source": "https://github.com/locutusofborg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "336465565215562215652244387389245473016",
                "28560164998777911115492888519345378280",
                "136284130910114790197394785591963922456",
                "210002587334061340802555627301019573579"
            ]
        },
        "target": {
            "file": "utils/etterfilter/ef_compiler.c"
        },
        "id": "CVE-2017-6430-16575dcd",
        "signature_version": "v1",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "source": "https://github.com/locutusofborg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "287394146260016701954750356655470886257",
                "313488454889957134284126930510380773617",
                "222964833732127740785513491909308400287"
            ]
        },
        "target": {
            "file": "utils/etterfilter/ef_output.c"
        },
        "id": "CVE-2017-6430-4d9dcc14",
        "signature_version": "v1",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "source": "https://github.com/locutusofborg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506",
        "digest": {
            "function_hash": "73824362593736277241881711187549870075",
            "length": 592.0
        },
        "target": {
            "function": "compile_tree",
            "file": "utils/etterfilter/ef_compiler.c"
        },
        "id": "CVE-2017-6430-588225c7",
        "signature_version": "v1",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "source": "https://github.com/locutusofborg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506",
        "digest": {
            "function_hash": "210332981582541740180400158402695521870",
            "length": 1028.0
        },
        "target": {
            "function": "write_output",
            "file": "utils/etterfilter/ef_output.c"
        },
        "id": "CVE-2017-6430-71d51fb0",
        "signature_version": "v1",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "source": "https://github.com/locutusofborg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "318727011721267724420573914741129846671",
                "224398428033894190355302470922977823748",
                "276297051888253384984039647624144958576",
                "149843702893886052836448695891528775079",
                "268372711161779612538666895502505031463",
                "68225286366033642804777333696016389839",
                "60682084748572549661968268298880888572",
                "272351167169432612797003637060841709973",
                "307039078593118820577922940276223332103"
            ]
        },
        "target": {
            "file": "utils/etterfilter/ef_main.c"
        },
        "id": "CVE-2017-6430-85cdc748",
        "signature_version": "v1",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "source": "https://github.com/locutusofborg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506",
        "digest": {
            "function_hash": "39611336973751834281728762465384394335",
            "length": 1024.0
        },
        "target": {
            "function": "main",
            "file": "utils/etterfilter/ef_main.c"
        },
        "id": "CVE-2017-6430-f513dee3",
        "signature_version": "v1",
        "signature_type": "Function"
    }
]