Summary: | net-analyzer/ettercap 0.7.3 fixes a "serious security bug" | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alberto Ornaghi <alor> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | netmon, squinky86 |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://ettercap.sourceforge.net/history.php | ||
Whiteboard: | C0? [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Alberto Ornaghi
2005-05-30 01:24:19 UTC
Hmm, but they failed to say anything about the serious bug... NG-0.7.3 + added the INC (+=) and DEC (-=) operators to the filter engine !! fixed the compilation of some plugins !! fixed a segfault in the isolate plugin !! fixed a bug in the dhcp spoofing module !! fixed a serious security bug there was a format bug vulnerabilty in the curses gui. Jon please verify and bump as needed. Does it run as root? jaervosz: probably not SUID root but still runs as root very often to perform dirty tricks like spoofing ARP packets. netmon: squinky86 is apparently inactive, please bump I've added ettercap 0.7.3 however it still contains a text location that will cause problems with people in a hardened profile. scanelf (from cvs:gentoo-projects/paxutils) was used to determine this. I've been caught up completing an assignment for the next few days. if someone can look at this and provide an approprate patch I'd appreciate it. I suspect its a missing -fPIC option when compiling a shared library. All the .so plugins are clear of text relocations. Its just /usr/bin/ettercap that had the TEXTREL. hardened: could you please help wrt comment #5 ? We don't want to stable-ize something that will break under your profiles :) Thanks koon I'm merging the depends now. I'll report back shortly net-analyzer/ettercap-0.7.3 with -debug +gtk +ssl +ncurses is clean for me. Compiles and runs with full memory protections enabled. I think the problem is with another library on Daniel Black's box. I'll work with him on irc to track that down. So no objections from hardened. Please mark stable and release the GLSA when your ready. Target KEYWORDS="x86 ~amd64 sparc ppc hppa alpha" Arches, please test and mark stable Marked ppc sparc tasty. stable on alpha Stable on hppa x86 stable. dependancy changed to libnet-1.1.2.1-r1 due to pic issues. all stable. Ready for GLSA GLSA 200506-07 |