Heap-based Buffer Overflow in Ettercap by The Ettercap Project
CVE-2014-9377

Currently unrated

Key Information:

Vendor: Ettercap-project
Status: Ettercap
Vendor: CVE Published:; 19 December 2014

🔔 Create Ettercap-project Vulnerability Alert

What is CVE-2014-9377?

A heap-based buffer overflow vulnerability exists in the nbns_spoof function within Ettercap 0.8.1. This flaw allows remote attackers to send a malformed netbios packet, potentially leading to a denial of service or enabling arbitrary code execution. The security risk is heightened due to the ability to exploit the vulnerability from remote locations, highlighting the importance of patching affected versions promptly.

References

https://security.gentoo.org/glsa/201505-01

vendor-advisoryx_refsource_GENTOO

https://github.com/Ettercap/ettercap/pull/603

x_refsource_CONFIRM

https://www.obrela.com/home/security-labs/advisories/osi-...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 19, 2014
Vulnerability Reserved
Dec 11, 2014

CVE-2014-9377 Data

JSON