Lucene search
DebianDEBIAN:DLA-126-1:8C386HistoryDec 29, 2014 - 9:26 p.m.
[SECURITY] [DLA 126-1] ettercap security update
2014-12-2921:26:51
lists.debian.org
7
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
Low
EPSS
0.024
Percentile
89.8%
Package : ettercap
Version : 1:0.7.3-2.1+squeeze2
CVE ID : CVE-2014-9380 CVE-2014-9381
Debian Bug : 773416
Patches a bunch of security vulnerabilities:
- CVE-2014-9380 (Buffer over-read)
- CVE-2014-9381 (Signedness error)
See: https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
Patches taken from upstream- 6b196e011fa456499ed4650a360961a2f1323818 pull/608
- 31b937298c8067e6b0c3217c95edceb983dfc4a2 pull/609
Thanks to Nick Sampanis <[email protected]> who is responsible for
both finding and repairing these issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 6 | i386 | ettercap-common | < 1:0.7.3-2.1+squeeze2 | ettercap-common_1:0.7.3-2.1+squeeze2_i386.deb |
| Debian | 6 | i386 | ettercap-gtk | < 1:0.7.3-2.1+squeeze2 | ettercap-gtk_1:0.7.3-2.1+squeeze2_i386.deb |
| Debian | 6 | all | ettercap | < 1:0.7.3-2.1+squeeze2 | ettercap_1:0.7.3-2.1+squeeze2_all.deb |
| Debian | 6 | amd64 | ettercap | < 1:0.7.3-2.1+squeeze2 | ettercap_1:0.7.3-2.1+squeeze2_amd64.deb |
| Debian | 6 | i386 | ettercap | < 1:0.7.3-2.1+squeeze2 | ettercap_1:0.7.3-2.1+squeeze2_i386.deb |
| Debian | 6 | amd64 | ettercap-gtk | < 1:0.7.3-2.1+squeeze2 | ettercap-gtk_1:0.7.3-2.1+squeeze2_amd64.deb |
| Debian | 6 | amd64 | ettercap-common | < 1:0.7.3-2.1+squeeze2 | ettercap-common_1:0.7.3-2.1+squeeze2_amd64.deb |
Related
openvas
openvas
Debian: Security Advisory (DLA-126-1)
2023-03-08 00:00:00
Fedora Update for ettercap FEDORA-2014-17107
2015-01-05 00:00:00
Fedora Update for ettercap FEDORA-2015-4020
2015-03-27 00:00:00
osv
osv
ettercap - security update
2014-12-29 00:00:00
nessus
nessus
Debian DLA-126-1 : ettercap security update
2015-03-26 00:00:00
Fedora 20 : ettercap-0.8.1-2.fc20 (2014-17107)
2015-01-05 00:00:00
Fedora 21 : ettercap-0.8.1-2.fc21 (2014-17090)
2015-01-05 00:00:00
prion
prion
Integer overflow
2014-12-19 15:59:00
Out-of-bounds
2014-12-19 15:59:00
nvd
nvd
CVE-2014-9381
2014-12-19 15:59:31
CVE-2014-9380
2014-12-19 15:59:30
ubuntucve
ubuntucve
CVE-2014-9380
2014-12-19 00:00:00
CVE-2014-9381
2014-12-19 00:00:00
debiancve
debiancve
CVE-2014-9380
2014-12-19 15:59:30
CVE-2014-9381
2014-12-19 15:59:31
cvelist
cvelist
CVE-2014-9380
2014-12-19 15:00:00
CVE-2014-9381
2014-12-19 15:00:00
cve
cve
CVE-2014-9380
2014-12-19 15:59:30
CVE-2014-9381
2014-12-19 15:59:31
fedora
fedora
[SECURITY] Fedora 21 Update: ettercap-0.8.1-2.fc21
2015-01-03 19:11:42
[SECURITY] Fedora 19 Update: ettercap-0.8.1-2.fc19
2015-01-03 19:08:05
[SECURITY] Fedora 20 Update: ettercap-0.8.1-2.fc20
2015-01-03 19:07:29
securityvulns
securityvulns
"Ettercap 8.0 - 8.1" multiple vulnerabilities
2014-12-22 00:00:00
ettercap multiple security vulnerabilities
2014-12-22 00:00:00
gentoo
gentoo
Ettercap: Multiple vulnerabilities
2015-05-13 00:00:00
mageia
mageia
Updated ettercap packages fix security vulnerabilities
2015-01-07 19:32:10
archlinux
archlinux
ettercap-gtk: multiple issues
2015-03-17 00:00:00
ettercap: multiple issues
2015-03-17 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.2
Confidence
Low
EPSS
0.024
Percentile
89.8%
Related for DEBIAN:DLA-126-1:8C386