From $URL :
A vulnerability has been discovered in Ettercap, which can be exploited by malicious people to
compromise a user's system.
The vulnerability is caused due to a boundary error within the "scan_load_hosts()" function
(src/ec_scan.c) when parsing entries from hosts list, which can be exploited to cause a stack-based
buffer overflow via an overly long entry.
Successful exploitation may allow execution of arbitrary code but requires tricking a users into
using a malicious host file.
The vulnerability is confirmed in version 0.7.5.1. Other versions may also be affected.
No official solution is currently available.
Provided and/or discovered by
Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in
Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via
a Trojan horse hosts list containing a long line.
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ppc ppc64 sparc x86"
Stable for HPPA.
Added to existing GLSA draft.
This issue was resolved and addressed in
GLSA 201405-12 at http://security.gentoo.org/glsa/glsa-201405-12.xml
by GLSA coordinator Sean Amoss (ackle).