Denial of Service Vulnerability in Ettercap by The Ettercap Project
CVE-2014-6396

Currently unrated

Key Information:

Vendor: Ettercap-project
Status: Ettercap
Vendor: CVE Published:; 19 December 2014

🔔 Create Ettercap-project Vulnerability Alert

What is CVE-2014-6396?

The dissector_postgresql function in Ettercap before version 0.8.1 is vulnerable, allowing remote attackers to exploit crafted password lengths. This can lead to a denial of service and possibly the execution of arbitrary code by writing a null character to an arbitrary memory location, compromising system stability and integrity. Users of affected versions are advised to upgrade promptly to mitigate these risks.

References

https://security.gentoo.org/glsa/201505-01

vendor-advisoryx_refsource_GENTOO

https://www.obrela.com/home/security-labs/advisories/osi-...

x_refsource_MISC

https://github.com/Ettercap/ettercap/commit/e3abe7d7585ec...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 19, 2014
Vulnerability Reserved
Sep 15, 2014

CVE-2014-6396 Data

JSON