Stack-based Buffer Overflow in Ettercap by GPL
CVE-2014-9379

Currently unrated

Key Information:

Vendor: Ettercap-project
Status: Ettercap
Vendor: CVE Published:; 19 December 2014

🔔 Create Ettercap-project Vulnerability Alert

What is CVE-2014-9379?

A vulnerability exists in the radius_get_attribute function within dissectors/ec_radius.c of Ettercap 0.8.1 due to an improper cast. This flaw allows an attacker to perform a denial of service by crashing the application or even potentially execute arbitrary code through unspecified means, resulting in a stack-based buffer overflow.

References

https://security.gentoo.org/glsa/201505-01

vendor-advisoryx_refsource_GENTOO

https://github.com/Ettercap/ettercap/pull/607

x_refsource_CONFIRM

https://www.obrela.com/home/security-labs/advisories/osi-...

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 19, 2014
Vulnerability Reserved
Dec 11, 2014

CVE-2014-9379 Data

JSON