{"id":"MGASA-2015-0012","summary":"Updated ettercap packages fix security vulnerabilities","details":"Updated ettercap package fixes security vulnerabilities:\n\nHeap-based buffer overflow in the dissector_postgresql function in\ndissectors/ec_postgresql.c in Ettercap before 8.1 allows remote attackers to\ncause a denial of service or possibly execute arbitrary code via a crafted\npassword length value that is inconsistent with the actual length of the\npassword (CVE-2014-6395).\n\nThe dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap\nbefore 8.1 allows remote attackers to cause a denial of service and possibly\nexecute arbitrary code via a crafted password length, which triggers a 0\ncharacter to be written to an arbitrary memory location (CVE-2014-6396).\n\nInteger underflow in Ettercap 8.1 allows remote attackers to cause a denial\nof service (out-of-bounds write) and possibly execute arbitrary code via a\nsmall size variable value in the dissector_dhcp function in\ndissectors/ec_dhcp.c, length value to the dissector_gg function in\ndissectors/ec_gg.c, or string length to the get_decode_len function in\nec_utils.c or a request without a username or password to the\ndissector_TN3270 function in dissectors/ec_TN3270.c (CVE-2014-9376).\n\nHeap-based buffer overflow in the nbns_spoof function in\nplug-ins/nbns_spoof/nbns_spoof.c in Ettercap 8.1 allows remote attackers to\ncause a denial of service or possibly execute arbitrary code via a large\nnetbios packet (CVE-2014-9377).\n\nEttercap 8.1 does not validate certain return values, which allows remote\nattackers to cause a denial of service (crash) or possibly execute arbitrary\ncode via a crafted name to the parse_line function in mdns_spoof/mdns_spoof.c\nor base64 encoded password to the dissector_imap function in\ndissectors/ec_imap.c (CVE-2014-9378).\n\nThe radius_get_attribute function in dissectors/ec_radius.c in Ettercap 8.1\nperforms an incorrect cast, which allows remote attackers to cause a denial\nof service (crash) or possibly execute arbitrary code via unspecified\nvectors, which triggers a stack-based buffer overflow (CVE-2014-9379).\n\nThe dissector_cvs function in dissectors/ec_cvs.c in Ettercap 8.1 allows\nremote attackers to cause a denial of service (out-of-bounds read) via a\npacket containing only a CVS_LOGIN signature (CVE-2014-9380).\n\nInteger signedness error in the dissector_cvs function in dissectors/ec_cvs.c\nin Ettercap 8.1 allows remote attackers to cause a denial of service (crash)\nvia a crafted password, which triggers a large memory allocation\n(CVE-2014-9381).\n","modified":"2026-04-16T01:46:44.662973269Z","published":"2015-01-07T16:32:10Z","upstream":["CVE-2014-6395","CVE-2014-6396","CVE-2014-9376","CVE-2014-9377","CVE-2014-9378","CVE-2014-9379","CVE-2014-9380","CVE-2014-9381"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0012.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14919"},{"type":"ADVISORY","url":"https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/"}],"affected":[{"package":{"name":"ettercap","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/ettercap?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.0-3.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0012.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}