
Bug 612226 (CVE-2017-6430)

Summary: <net-analyzer/ettercap-0.8.2-r1: Out-of-bounds read
Product: Gentoo Security
Reporter: Agostino Sarubbo <ago>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: minor
CC: ago, netmon, zerochaos
Priority: Normal
Flags: stable-bot: sanity-check+
Version: unspecified
Hardware: All
OS: Linux
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1429571
Whiteboard: B3 [noglsa cve]
Package list:
net-analyzer/ettercap-0.8.2-r2
Runtime testing required: No

Description Agostino Sarubbo gentoo-dev 2017-03-10 16:34:31 UTC
From ${URL} :

The Etterfilter utility of Ettercap has an out-of-bounds read denial-of-service vulnerability when parsing a crafted file. This occurs in the compile_tree function of the ef_compiler.c source file when processing corrupted filters.

References:

http://seclists.org/bugtraq/2017/Mar/24

Upstream bug:

https://github.com/Ettercap/ettercap/issues/782

Upstream patch:

https://github.com/LocutusOfBorg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Agostino Sarubbo gentoo-dev 2017-03-10 16:35:11 UTC
However the bug is visible via etterfilter but resides in the library.
Comment 2 GLSAMaker/CVETool Bot gentoo-dev 2017-03-19 14:23:28 UTC
CVE-2017-6430 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-6430):
  The compile_tree function in ef_compiler.c in the Etterfilter utility in
  Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of
  service (out-of-bounds read) via a crafted filter.
Comment 3 Agostino Sarubbo gentoo-dev 2017-03-20 12:56:06 UTC
(In reply to Agostino Sarubbo from comment #1)
> However the bug is visible via etterfilter but resides in the library.

Please do not consider the above. It was a mistake. The bug is in the etterfilter utility.
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2017-07-17 01:24:40 UTC
Looks like there was a 0.8.2-4 release including the fix from the 'fix-library' @ 

https://github.com/LocutusOfBorg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506
Comment 5 Rick Farina (Zero_Chaos) gentoo-dev 2018-02-24 05:07:45 UTC
0.8.2-r1 in the tree, please feel free to clean up when done
Comment 6 Aaron Bauman (RETIRED) gentoo-dev 2019-03-24 02:06:08 UTC
@arches, please stabilize.
Comment 7 Agostino Sarubbo gentoo-dev 2019-03-24 10:02:24 UTC
amd64 stable
Comment 8 Sergei Trofimovich (RETIRED) gentoo-dev 2019-03-24 20:32:47 UTC
ppc stable
Comment 9 Sergei Trofimovich (RETIRED) gentoo-dev 2019-03-24 20:36:10 UTC
ppc64 stable
Comment 10 Rolf Eike Beer archtester 2019-03-27 19:27:06 UTC
sparc stable
Comment 11 Thomas Deutschmann (RETIRED) gentoo-dev 2019-03-27 23:21:03 UTC
x86 stable
Comment 12 Thomas Deutschmann (RETIRED) gentoo-dev 2019-03-27 23:45:57 UTC
x86 stable
Comment 13 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-03-30 19:12:34 UTC
arm stable
Comment 14 Yury German Gentoo Infrastructure gentoo-dev 2019-04-02 06:27:38 UTC
GLSA Vote: No

Please continue Stabilization
Comment 15 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2019-04-08 06:47:18 UTC
alpha stable
Comment 16 Aaron Bauman (RETIRED) gentoo-dev 2019-04-08 13:40:52 UTC
@maintainer(s), please drop vulnerable.
Comment 17 Aaron Bauman (RETIRED) gentoo-dev 2019-04-20 02:03:57 UTC
tree is clean