Nixpkgs Security Tracker

Suggestions search

With package: ettercap

Found 3 matching suggestions

Published
updated 1 week ago by @mweinelt
Activity log
  • Created automatic suggestion
  • @mweinelt accepted
  • @mweinelt published on GitHub
Ettercap etterfilter ef_output.c add_data_segment out-of-bounds

A vulnerability has been found in Ettercap 0.8.4-Garofalo. It affects the function add_data_segment in the file src/ettercap/utils/etterfilter/ef_output.c of the etterfilter component. The manipulation leads to an out-of-bounds read. The attack requires local access. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

Affected products

Ettercap
  • ==0.8.4-Garofalo

Upstream issue: https://github.com/Ettercap/ettercap/issues/1297
Untriaged
created 3 weeks, 4 days ago
The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack.

Affected products

ettercap
  • ==ettercap 0.7.5

Untriaged
created 3 weeks, 4 days ago
An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.

Affected products

ettercap
  • ==0.7.3
