diff options
author | rea <rea@FreeBSD.org> | 2013-01-17 03:13:31 +0800 |
---|---|---|
committer | rea <rea@FreeBSD.org> | 2013-01-17 03:13:31 +0800 |
commit | c4c8277bad203ca563d0e378b013e9cac80e4c16 (patch) | |
tree | d1831516c5a138bedf073db97cb2cb83f9ae8b2a /security/vuxml | |
parent | 01ab61720c0326af8df44fa6820428b247dd77f8 (diff) | |
download | freebsd-ports-gnome-c4c8277bad203ca563d0e378b013e9cac80e4c16.tar.gz freebsd-ports-gnome-c4c8277bad203ca563d0e378b013e9cac80e4c16.tar.zst freebsd-ports-gnome-c4c8277bad203ca563d0e378b013e9cac80e4c16.zip |
VuXML: document buffer overflow in ettercap (CVE-2013-0722)
Reviewed by: simon@
Diffstat (limited to 'security/vuxml')
-rw-r--r-- | security/vuxml/vuln.xml | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 7137477cebdc..b45c8026f4a0 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -51,6 +51,38 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="1b9b199f-5efd-11e2-a1ee-c48508086173"> + <topic>ettercap -- buffer overflow in target list parsing</topic> + <affects> + <package> + <name>ettercap</name> + <range><lt>0.7.4.1</lt></range> + <range><ge>0.7.5</ge></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Host target list parsing routine in ettercap + 0.7.4-series prior to 0.7.4.1 and 0.7.5-series + is prone to the stack-based buffer overflow that + may lead to the code execution with the privileges + of the ettercap process.</p> + <p>In order to trigger this vulnerability, user or service + that use ettercap should be tricked to pass the crafted list + of targets via the "-j" option.</p> + </body> + </description> + <references> + <cvename>CVE-2013-0722</cvename> + <url>http://www.exploit-db.com/exploits/23945/</url> + <url>https://secunia.com/advisories/51731/</url> + </references> + <dates> + <discovery>2013-01-07</discovery> + <entry>2013-01-16</entry> + </dates> + </vuln> + <vuln vid="d5e0317e-5e45-11e2-a113-c48508086173"> <topic>java 7.x -- security manager bypass</topic> <affects> |