Skip to main content

Ettercap CVE-2014-9380

MEDIUM
Buffer Overflow (CWE-119)
2014-12-19 cve@mitre.org
5.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:N/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P

Lifecycle Timeline

1
CVE Published
Dec 19, 2014 - 15:59 cve.org
MEDIUM 5.0

DescriptionCVE.org

The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature.

AnalysisAI

The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature. Affected products include: Ettercap-Project Ettercap.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2014-6395 HIGH POC
7.5 Dec 19

Heap-based buffer overflow in the dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 a

CVE-2017-8366 CRITICAL POC
9.8 Apr 30

The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-base

CVE-2017-6430 MEDIUM POC
5.5 Mar 15

The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attack

CVE-2013-0722 MEDIUM POC
4.4 Jan 11

Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow loc

CVE-2014-9376 HIGH
7.5 Dec 19

Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possi

CVE-2014-6396 HIGH
7.5 Dec 19

The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to caus

CVE-2014-9379 HIGH
7.5 Dec 19

The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an incorrect cast, which allows r

CVE-2014-9377 HIGH
7.5 Dec 19

Heap-based buffer overflow in the nbns_spoof function in plug-ins/nbns_spoof/nbns_spoof.c in Ettercap 0.8.1 allows remot

CVE-2014-9378 HIGH
7.5 Dec 19

Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a denial of service (cras

CVE-2026-9365 LOW POC
2.9 May 24

Heap-based buffer overflow in Ettercap's GG protocol dissector (versions up to 0.8.3) allows remote attackers to potenti

CVE-2014-9381 MEDIUM
5.0 Dec 19

Integer signedness error in the dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers

CVE-2026-3606 LOW
1.9 Mar 05

A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segme

Share

CVE-2014-9380 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy