|Summary:||net-analyzer/ettercap 0.7.3 fixes a "serious security bug"|
|Product:||Gentoo Security||Reporter:||Alberto Ornaghi <alor>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Whiteboard:||C0? [glsa] jaervosz|
|Package list:||Runtime testing required:||---|
Description Alberto Ornaghi 2005-05-30 01:24:19 UTC
a new version is available. it fixes a security bug. upgrade is strongly encouraged. please create an ebuild for 0.7.3 and mark it available to anyone. Reproducible: Always Steps to Reproduce: 1. 2. 3.
Comment 1 Jakub Moc (RETIRED) 2005-05-30 01:41:48 UTC
Hmm, but they failed to say anything about the serious bug... NG-0.7.3 + added the INC (+=) and DEC (-=) operators to the filter engine !! fixed the compilation of some plugins !! fixed a segfault in the isolate plugin !! fixed a bug in the dhcp spoofing module !! fixed a serious security bug
Comment 2 Alberto Ornaghi 2005-05-30 05:36:38 UTC
there was a format bug vulnerabilty in the curses gui.
Comment 3 Sune Kloppenborg Jeppesen (RETIRED) 2005-05-30 08:16:47 UTC
Jon please verify and bump as needed. Does it run as root?
Comment 4 Thierry Carrez (RETIRED) 2005-06-01 05:57:50 UTC
jaervosz: probably not SUID root but still runs as root very often to perform dirty tricks like spoofing ARP packets. netmon: squinky86 is apparently inactive, please bump
Comment 5 Daniel Black (RETIRED) 2005-06-07 23:28:54 UTC
I've added ettercap 0.7.3 however it still contains a text location that will cause problems with people in a hardened profile. scanelf (from cvs:gentoo-projects/paxutils) was used to determine this. I've been caught up completing an assignment for the next few days. if someone can look at this and provide an approprate patch I'd appreciate it. I suspect its a missing -fPIC option when compiling a shared library. All the .so plugins are clear of text relocations. Its just /usr/bin/ettercap that had the TEXTREL.
Comment 6 Thierry Carrez (RETIRED) 2005-06-10 07:40:25 UTC
hardened: could you please help wrt comment #5 ? We don't want to stable-ize something that will break under your profiles :)
Comment 7 solar (RETIRED) 2005-06-10 08:07:33 UTC
Thanks koon I'm merging the depends now. I'll report back shortly
Comment 8 solar (RETIRED) 2005-06-10 08:31:34 UTC
net-analyzer/ettercap-0.7.3 with -debug +gtk +ssl +ncurses is clean for me. Compiles and runs with full memory protections enabled. I think the problem is with another library on Daniel Black's box. I'll work with him on irc to track that down. So no objections from hardened. Please mark stable and release the GLSA when your ready.
Comment 9 Thierry Carrez (RETIRED) 2005-06-10 08:49:40 UTC
Target KEYWORDS="x86 ~amd64 sparc ppc hppa alpha" Arches, please test and mark stable
Comment 10 Luca Barbato 2005-06-10 10:58:03 UTC
Comment 11 Gustavo Zacarias (RETIRED) 2005-06-10 11:27:13 UTC
Comment 12 Aron Griffis (RETIRED) 2005-06-10 13:39:07 UTC
stable on alpha
Comment 13 René Nussbaumer (RETIRED) 2005-06-10 14:37:54 UTC
Stable on hppa
Comment 14 Daniel Black (RETIRED) 2005-06-10 19:03:41 UTC
x86 stable. dependancy changed to libnet-22.214.171.124-r1 due to pic issues. all stable.
Comment 15 Thierry Carrez (RETIRED) 2005-06-11 01:21:49 UTC
Ready for GLSA
Comment 16 Thierry Carrez (RETIRED) 2005-06-11 05:15:53 UTC