CVE-2014-9376 in Ettercap
요약 (영어)
Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_gg function in dissectors/ec_gg.c, or (3) string length to the get_decode_len function in ec_utils.c or a request without a (4) username or (5) password to the dissector_TN3270 function in dissectors/ec_TN3270.c.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
예약하다
2014. 12. 11.
공개
2014. 12. 19.
상태
확인됨
엔트리
VulDB provides additional information and datapoints for this CVE:
| 아이디 | 취약성 | CWE | 악용 | 대책 | CVE |
|---|---|---|---|---|---|
| 73326 | Ettercap Dissector dissector_TN3270 메모리 손상 | 119 | 개념 증명 | 공식 수정 | CVE-2014-9376 |