Summary: | <net-analyzer/ettercap-0.7.5.2: "scan_load_hosts()" Buffer Overflow Vulnerability (CVE-2013-0722) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon, zerochaos |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/51731/ | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2013-01-10 15:46:42 UTC
CVE-2013-0722 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0722): Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line. Arches, please test and mark stable: =net-analyzer/ettercap-0.7.5.2 Target keywords : "alpha amd64 arm hppa ppc ppc64 sparc x86" amd64 stable x86 stable ppc stable ppc64 stable Stable for HPPA. alpha stable sparc stable arm stable Added to existing GLSA draft. This issue was resolved and addressed in GLSA 201405-12 at http://security.gentoo.org/glsa/glsa-201405-12.xml by GLSA coordinator Sean Amoss (ackle). |