Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0722

Overview

Vulnerability Score 4.4 4.4
CVE Id CVE-2013-0722
Last Modified 29 Jan 2013 12:00:00
Published 11 Jan 2013 05:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2013-0722

Summary

Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line.

Vulnerable Systems

Application

  • Ettercap Project Ettercap 0.6.3.1

  • Ettercap Project Ettercap 0.7.2

  • Ettercap Project Ettercap 0.7.3

  • Ettercap Project Ettercap 0.7.4

  • Ettercap Project Ettercap 0.7.4.1

  • Ettercap Project Ettercap 0.7.5

  • Ettercap Project Ettercap 0.7.5.1


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=894092

CONFIRM - https://bugs.gentoo.org/show_bug.cgi?id=451198

MISC - http://www.securation.com/files/2013/01/ec.patch

EXPLOIT-DB - 23945

SECUNIA - 51731


Last Updated: 27 May 2016 10:56:40