Lucene search
MitreCVE-2014-6396HistoryDec 19, 2014 - 3:59 p.m.
CVE-2014-6396
2014-12-1915:59:07
CWE-119
mitre
web.nvd.nist.gov
23
cve-2014-6396
security
ettercap
remote attackers
denial of service
arbitrary code
password length
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.07
Percentile
94.0%
The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location.
Affected configurations
Node
ettercap-projectettercapRange≤0.8.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ettercap-project | ettercap | * | cpe:2.3:a:ettercap-project:ettercap:*:*:*:*:*:*:*:* |
Related
debiancve
debiancve
CVE-2014-6396
2014-12-19 15:59:07
prion
prion
Memory corruption
2014-12-19 15:59:00
ubuntucve
ubuntucve
CVE-2014-6396
2014-12-19 00:00:00
cvelist
cvelist
CVE-2014-6396
2014-12-19 15:00:00
nvd
nvd
CVE-2014-6396
2014-12-19 15:59:07
fedora
fedora
[SECURITY] Fedora 19 Update: ettercap-0.8.1-2.fc19
2015-01-03 19:08:05
[SECURITY] Fedora 21 Update: ettercap-0.8.1-2.fc21
2015-01-03 19:11:42
[SECURITY] Fedora 20 Update: ettercap-0.8.1-2.fc20
2015-01-03 19:07:29
nessus
nessus
Fedora 20 : ettercap-0.8.2-1.fc20 (2015-4020)
2015-03-27 00:00:00
GLSA-201505-01 : Ettercap: Multiple vulnerabilities
2015-05-14 00:00:00
Fedora 21 : ettercap-0.8.2-1.fc21 (2015-3984)
2015-03-27 00:00:00
openvas
openvas
Fedora Update for ettercap FEDORA-2015-4020
2015-03-27 00:00:00
Fedora Update for ettercap FEDORA-2014-17107
2015-01-05 00:00:00
Gentoo Security Advisory GLSA 201505-01
2015-09-29 00:00:00
securityvulns
securityvulns
ettercap multiple security vulnerabilities
2014-12-22 00:00:00
"Ettercap 8.0 - 8.1" multiple vulnerabilities
2014-12-22 00:00:00
gentoo
gentoo
Ettercap: Multiple vulnerabilities
2015-05-13 00:00:00
mageia
mageia
Updated ettercap packages fix security vulnerabilities
2015-01-07 19:32:10
archlinux
archlinux
ettercap: multiple issues
2015-03-17 00:00:00
ettercap-gtk: multiple issues
2015-03-17 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.07
Percentile
94.0%
Related for CVE-2014-6396