CVE-2013-0722: Buffer Overflow
First published: Thu Jan 10 2013(Updated: )
A stack-based buffer overflow was reported [1],[2] in Ettercap <= 0.7.5.1. A boundary error within the scan_load_hosts() function (in src/ec_scan.c), when parsing entries from a hosts list, could be exploited to cause a stack-based buffer overflow via an overly long entry. In order to exploit this, a user must be tricked into loading a malicious host file. This has not yet been corrected upstream, but a proposed patch is available [3]. The initial report [1] indicates that this was given the name <a href="https://access.redhat.com/security/cve/CVE-2012-0722">CVE-2012-0722</a>. [1] <a href="http://www.exploit-db.com/exploits/23945/">http://www.exploit-db.com/exploits/23945/</a> [2] <a href="https://secunia.com/advisories/51731/">https://secunia.com/advisories/51731/</a> [3] <a href="http://www.securation.com/files/2013/01/ec.patch">http://www.securation.com/files/2013/01/ec.patch</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/ettercap | <0.7.5.2 | 0.7.5.2 |
| Ettercap | <=0.7.5.1 | |
| Ettercap | =0.6.3.1 | |
| Ettercap | =0.7.2 | |
| Ettercap | =0.7.3 | |
| Ettercap | =0.7.4 | |
| Ettercap | =0.7.4.1 | |
| Ettercap | =0.7.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/51731
- http://www.exploit-db.com/exploits/23945/
- http://www.securation.com/files/2013/01/ec.patch
- http://www.securityfocus.com/bid/57175
- https://bugs.gentoo.org/show_bug.cgi?id=451198
- https://bugzilla.redhat.com/show_bug.cgi?id=894092
- https://access.redhat.com/security/cve/CVE-2012-0722
- https://secunia.com/advisories/51731/
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=894094
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=894096
- https://access.redhat.com/security/cve/CVE-2013-0722
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=894092#c5
- https://github.com/Ettercap/ettercap/archive/v0.7.5.2.tar.gz
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=894092#c9
Frequently Asked Questions
What is the severity of CVE-2013-0722?
CVE-2013-0722 has a high severity due to the potential for remote code execution through a stack-based buffer overflow.
How do I fix CVE-2013-0722?
To mitigate CVE-2013-0722, upgrade Ettercap to version 0.7.5.2 or later.
What versions are affected by CVE-2013-0722?
CVE-2013-0722 affects Ettercap versions up to and including 0.7.5.1.
What is the nature of the vulnerability in CVE-2013-0722?
CVE-2013-0722 is a stack-based buffer overflow caused by improper handling of overly long entries in a hosts list.
Can CVE-2013-0722 be exploited remotely?
Yes, CVE-2013-0722 can be exploited remotely if an attacker can send specially crafted input to the affected software.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-0722
- agent/software-canonical-lookup
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/redhat
- vendor/ettercap-project
- canonical/ettercap
- version/ettercap/0.7.5.1
- version/ettercap/0.6.3.1
- version/ettercap/0.7.2
- version/ettercap/0.7.3
- version/ettercap/0.7.4
- version/ettercap/0.7.4.1
- version/ettercap/0.7.5