CVE-2013-0722

2013-01-1122:55:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2013-0722

ettercap

buffer overflow

security vulnerability

privilege escalation

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line.

Affected configurations

NVD

Node

ettercap-projectettercapRange≤0.7.5.1

ettercap-projectettercapMatch0.6.3.1

ettercap-projectettercapMatch0.7.2

ettercap-projectettercapMatch0.7.3

ettercap-projectettercapMatch0.7.4

ettercap-projectettercapMatch0.7.4.1

ettercap-projectettercapMatch0.7.5

CPENameOperatorVersion
ettercap-project:ettercapettercap-project ettercaple0.7.5.1
ettercap-project:ettercapettercap-project ettercapeq0.6.3.1
ettercap-project:ettercapettercap-project ettercapeq0.7.2
ettercap-project:ettercapettercap-project ettercapeq0.7.3
ettercap-project:ettercapettercap-project ettercapeq0.7.4
ettercap-project:ettercapettercap-project ettercapeq0.7.4.1
ettercap-project:ettercapettercap-project ettercapeq0.7.5

CPE	Name	Operator	Version
ettercap-project:ettercap	ettercap-project ettercap	le	0.7.5.1
ettercap-project:ettercap	ettercap-project ettercap	eq	0.6.3.1
ettercap-project:ettercap	ettercap-project ettercap	eq	0.7.2
ettercap-project:ettercap	ettercap-project ettercap	eq	0.7.3
ettercap-project:ettercap	ettercap-project ettercap	eq	0.7.4
ettercap-project:ettercap	ettercap-project ettercap	eq	0.7.4.1
ettercap-project:ettercap	ettercap-project ettercap	eq	0.7.5