Lucene search

[email protected]CVE-2014-9377

HistoryDec 19, 2014 - 3:59 p.m.

CVE-2014-9377

2014-12-1915:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-9377

ettercap 0.8.1

nbns_spoof

buffer overflow

denial of service

remote code execution

nvd

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.079 Low

EPSS

Percentile

94.2%

JSON

Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a large netbios packet.

CPENameOperatorVersion
ettercap-project:ettercapettercap-project ettercapeq0.8.1

CPE	Name	Operator	Version
ettercap-project:ettercap	ettercap-project ettercap	eq	0.8.1

References

www.securityfocus.com/archive/1/534248/100/0/threaded

www.securityfocus.com/bid/71690

github.com/Ettercap/ettercap/pull/603

security.gentoo.org/glsa/201505-01

www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/

8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.079 Low

EPSS

Percentile

94.2%

JSON

Related for CVE-2014-9377

prion1 ubuntucve1 cvelist1 debiancve1 exploitpack1 packetstorm1 exploitdb1 fedora6 securityvulns2 openvas8 nessus7 gentoo1 mageia1 archlinux2