VDB

GCVE-110-MAGEIA-2015-12

GCVE-110-MAGEIA-2015-12
Advisory Published
Vulnetix · Advisory published January 7, 2015
Updated ettercap package fixes security vulnerabilities: Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the actual length of the password (CVE-2014-6395). The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location (CVE-2014-6396). Integer underflow in Ettercap 8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, length value to the dissector_gg function in dissectors/ec_gg.c, or string length to the get_decode_len function in ec_utils.c or a request without a username or password to the dissector_TN3270 function in dissectors/ec_TN3270.c (CVE-2014-9376). Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a large netbios packet (CVE-2014-9377). Ettercap 8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted name to the parse_line function in mdns_spoof/mdns_spoof.c or base64 encoded password to the dissector_imap function in dissectors/ec_imap.c (CVE-2014-9378). The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overflow (CVE-2014-9379). The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature (CVE-2014-9380). Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 8.1 allows remote attackers to cause a denial of service (crash) via a crafted password, which triggers a large memory allocation (CVE-2014-9381).

Affected Products

VendorProductVersionsPlatforms
Mageiaucpp0 (affected), 1.3.4-8.mga4 (unaffected)
Mageiamdds0 (affected), 0.11.2-1.mga4 (unaffected)
Mageialibwpd0 (affected), 0.10.0-3.mga4 (unaffected)
Mageiaopencollada0 (affected), 0-2.mga4 (unaffected)
Mageialibe-book0 (affected), 0.1.1-3.mga4 (unaffected)
Mageialibetonyek0.1.1-4.mga4 (unaffected), 0 (affected)
Mageialibwps0 (affected), 0.3.1-8.mga4 (unaffected)
Mageialibmspub0 (affected), 0.1.2-2.mga4 (unaffected)
Mageialibwpg0 (affected), 0.3.0-3.mga4 (unaffected)
Mageialibabw0 (affected), 0.1.1-2.mga4 (unaffected)
Mageialibmwaw0 (affected), 0.3.4-1.mga4 (unaffected)
Mageialibixion0 (affected), 0.7.0-5.mga4 (unaffected)
Mageialibrevenge0 (affected), 0.0.2-2.mga4 (unaffected)
Mageialibpagemaker0 (affected), 0.0.2-2.mga4 (unaffected)
Mageialibreoffice4.3.6.1-3.mga4 (unaffected), 0 (affected)
Mageialibcdr0 (affected), 0.1.1-2.mga4 (unaffected)
Mageialibvisio0 (affected), 0.1.1-3.mga4 (unaffected)
Mageialibfreehand0 (affected), 0.1.0-4.mga4 (unaffected)
Mageiaettercap0 (affected), 0.8.0-3.1.mga4 (unaffected), 0 (affected), 0.8.0-3.1.mga4 (unaffected)
Mageialiborcus0 (affected), 0.7.0-4.mga4 (unaffected)
Mageialibcmis0 (affected), 0.4.1-2.mga4 (unaffected)
Mageialibgltf0.0.2-1.mga4 (unaffected), 0 (affected)
Mageialibodfgen0.1.3-1.mga4 (unaffected), 0 (affected)
Mageialibeot0 (affected), 0.01-4.mga4 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›