Lucene search

[email protected]CVE-2014-6395

HistoryDec 19, 2014 - 3:59 p.m.

CVE-2014-6395

2014-12-1915:59:06

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-6395

ettercap

buffer overflow

denial of service

remote attack

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.695 Medium

EPSS

Percentile

98.0%

JSON

Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the actual length of the password.

Affected configurations

NVD

Node

ettercap-projectettercapRange≤0.8.0

CPENameOperatorVersion
ettercap-project:ettercapettercap-project ettercaple0.8.0

CPE	Name	Operator	Version
ettercap-project:ettercap	ettercap-project ettercap	le	0.8.0

References

www.securityfocus.com/archive/1/534248/100/0/threaded

www.securityfocus.com/bid/71689

github.com/Ettercap/ettercap/commit/e3abe7d7585ecc420a7cab73313216613aadad5a

security.gentoo.org/glsa/201505-01

www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.3 High

AI Score

Confidence

High

0.695 Medium

EPSS

Percentile

98.0%

JSON

Related for CVE-2014-6395

prion1 debiancve1 cvelist1 zdt1 ubuntucve1 nvd1 exploitpack1 packetstorm1 exploitdb1 fedora6 nessus7 securityvulns2 openvas8 mageia1 gentoo1 archlinux2