Nixpkgs security tracker
Untriaged
Permalink
CVE-2026-3606
3.3 LOW
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
Activity log
- Created suggestion
Ettercap etterfilter ef_output.c add_data_segment out-of-bounds
A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
References
-
VDB-349218 | Ettercap etterfilter ef_output.c add_data_segment out-of-bounds vdb-entrytechnical-description
-
-
https://github.com/Ettercap/ettercap/issues/1297 issue-tracking
Affected products
Ettercap
- ==0.8.4-Garofalo
Matching in nixpkgs
pkgs.ettercap
Comprehensive suite for man in the middle attacks
-
nixos-unstable 0.8.4-unstable-2025-07-16
- nixpkgs-unstable 0.8.4-unstable-2025-07-16
- nixos-unstable-small 0.8.4-unstable-2025-07-16
-
nixos-25.11 0.8.4-unstable-2025-07-16
- nixos-25.11-small 0.8.4-unstable-2025-07-16
- nixpkgs-25.11-darwin 0.8.4-unstable-2025-07-16
Package maintainers
-
@y0no Yoann Ono <y0no@y0no.fr>
-
@pSub Pascal Wittmann <mail@pascal-wittmann.de>