MGASA-2015-0012

Source
https://advisories.mageia.org/MGASA-2015-0012.html
Import Source
https://advisories.mageia.org/MGASA-2015-0012.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2015-0012
Related
Published
2015-01-07T16:32:10Z
Modified
2015-01-07T16:24:59Z
Summary
Updated ettercap packages fix security vulnerabilities
Details

Updated ettercap package fixes security vulnerabilities:

Heap-based buffer overflow in the dissectorpostgresql function in dissectors/ecpostgresql.c in Ettercap before 8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the actual length of the password (CVE-2014-6395).

The dissectorpostgresql function in dissectors/ecpostgresql.c in Ettercap before 8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location (CVE-2014-6396).

Integer underflow in Ettercap 8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small size variable value in the dissectordhcp function in dissectors/ecdhcp.c, length value to the dissectorgg function in dissectors/ecgg.c, or string length to the getdecodelen function in ecutils.c or a request without a username or password to the dissectorTN3270 function in dissectors/ec_TN3270.c (CVE-2014-9376).

Heap-based buffer overflow in the nbnsspoof function in plug-ins/nbnsspoof/nbns_spoof.c in Ettercap 8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a large netbios packet (CVE-2014-9377).

Ettercap 8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted name to the parseline function in mdnsspoof/mdnsspoof.c or base64 encoded password to the dissectorimap function in dissectors/ec_imap.c (CVE-2014-9378).

The radiusgetattribute function in dissectors/ec_radius.c in Ettercap 8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overflow (CVE-2014-9379).

The dissectorcvs function in dissectors/eccvs.c in Ettercap 8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature (CVE-2014-9380).

Integer signedness error in the dissectorcvs function in dissectors/eccvs.c in Ettercap 8.1 allows remote attackers to cause a denial of service (crash) via a crafted password, which triggers a large memory allocation (CVE-2014-9381).

References
Credits

Affected packages

Mageia:4 / ettercap

Package

Name
ettercap
Purl
pkg:rpm/mageia/ettercap?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.8.0-3.1.mga4

Ecosystem specific

{
    "section": "core"
}