FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2013-0722

This CVE name corresponds to:

Entered Topic
2013-01-16 ettercap -- buffer overflow in target list parsing

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2013-0722
Phase Assigned(20130102)

Description

Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line.

References

Source Reference
EXPLOIT-DB 23945
MISC http://www.securation.com/files/2013/01/ec.patch
CONFIRM https://bugs.gentoo.org/show_bug.cgi?id=451198
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=894092
SECUNIA 51731