Skip to main content

Ettercap CVE-2013-0722

MEDIUM
Buffer Overflow (CWE-119)
2013-01-11 cve@mitre.org
4.4
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
4.4 MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:M/Au:N/C:P/I:P/A:P
Attack Vector
Local
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
P

Lifecycle Timeline

1
CVE Published
Jan 11, 2013 - 22:55 cve.org
MEDIUM 4.4

DescriptionCVE.org

Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line.

AnalysisAI

Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long. Rated medium severity (CVSS 4.4). Public exploit code available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line. Affected products include: Ettercap-Project Ettercap.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2014-6395 HIGH POC
7.5 Dec 19

Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 a

CVE-2017-8366 CRITICAL POC
9.8 Apr 30

The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-base

CVE-2017-6430 MEDIUM POC
5.5 Mar 15

The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attack

CVE-2014-9376 HIGH
7.5 Dec 19

Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possi

CVE-2014-6396 HIGH
7.5 Dec 19

The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to caus

CVE-2014-9379 HIGH
7.5 Dec 19

The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows r

CVE-2014-9377 HIGH
7.5 Dec 19

Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remot

CVE-2014-9378 HIGH
7.5 Dec 19

Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (cras

CVE-2026-9365 LOW POC
2.9 May 24

Heap-based buffer overflow in Ettercap's GG protocol dissector (versions up to 0.8.3) allows remote attackers to potenti

CVE-2014-9381 MEDIUM
5.0 Dec 19

Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers

CVE-2014-9380 MEDIUM
5.0 Dec 19

The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service

CVE-2026-3606 LOW
1.9 Mar 05

A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segme

Share

CVE-2013-0722 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy