N/A

Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds write) and possibly execute arbitrary code via a small (1) size variable value in the dissector_dhcp function in dissectors/ec_dhcp.c, (2) length value to the dissector_gg function in dissectors/ec_gg.c, or (3) string length to the get_decode_len function in ec_utils.c or a request without a (4) username or (5) password to the dissector_TN3270 function in dissectors/ec_TN3270.c.

N/A

N/A

Ettercap 整数溢出漏洞

Ettercap是Ettercap团队开发的一套基于Linux和BSD平台的多用途数据包嗅探程序，它支持创建和发送伪造的包、发送从网络适配器到应用软件各种级别的包、绑定监听数据到一个本地端口等。 Ettercap 8.1版本中存在整数溢出漏洞，该漏洞源于dissectors/ec_dhcp.c文件中的‘dissector_dhcp’函数没有充分过滤变量值；dissectors/ec_gg.c文件中的‘dissector_gg’函数没有充分过滤‘length’值；ec_utils.c文件中的‘get_dec

N/A

N/A