Suggestions search

Untriaged

Filter by:

With package: bettercap

Found 3 matching suggestions

View:

Compact

Detailed

Permalink CVE-2026-3606

3.3 LOW

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

created 1 month, 2 weeks ago Activity log

Created suggestion 1 month, 2 weeks ago

Ettercap etterfilter ef_output.c add_data_segment out-of-bounds

A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.

References

VDB-349218 | Ettercap etterfilter ef_output.c add_data_segment out-of-bounds vdb-entrytechnical-description
VDB-349218 | CTI Indicators (IOB, IOC, IOA) signaturepermissions-required
Submit #764648 | Ettercap ettercap Ettercap v0.8.4-Garofalo and master-branch Heap-based Buffer Overflow third-party-advisory
https://github.com/Ettercap/ettercap/issues/1297 issue-tracking
https://github.com/oneafter/0202/blob/main/et/repro exploit
https://github.com/Ettercap/ettercap/ product

Affected products

Ettercap

==0.8.4-Garofalo

Matching in nixpkgs

pkgs.ettercap

Comprehensive suite for man in the middle attacks

nixos-unstable 0.8.4-unstable-2025-07-16
- nixpkgs-unstable 0.8.4-unstable-2025-07-16
- nixos-unstable-small 0.8.4-unstable-2025-07-16
nixos-25.11 0.8.4-unstable-2025-07-16
- nixos-25.11-small 0.8.4-unstable-2025-07-16
- nixpkgs-25.11-darwin 0.8.4-unstable-2025-07-16

pkgs.bettercap

Man in the middle tool

nixos-unstable 2.41.5
- nixpkgs-unstable 2.41.5
- nixos-unstable-small 2.41.5
nixos-25.11 2.41.4
- nixos-25.11-small 2.41.4
- nixpkgs-25.11-darwin 2.41.4

Package maintainers

@y0no Yoann Ono <y0no@y0no.fr>
@pSub Pascal Wittmann <mail@pascal-wittmann.de>

Permalink CVE-2010-3844

created 2 months ago Activity log

Created suggestion 2 months ago

An unchecked sscanf() call in ettercap before 0.7.5 allows an …

An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-sized buffer on the stack.

References

https://security-tracker.debian.org/tracker/CVE-2010-3844 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2010-3844 x_transferredx_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600130 x_transferredx_refsource_MISC
https://github.com/Ettercap/ettercap/commit/4ef3ede30181eca9add74305ad26dbcb0c3… x_transferredx_refsource_MISC

Affected products

ettercap

==0.7.3

Matching in nixpkgs

pkgs.ettercap

Comprehensive suite for man in the middle attacks

nixos-unstable 0.8.4-unstable-2025-07-16
- nixpkgs-unstable 0.8.4-unstable-2025-07-16
- nixos-unstable-small 0.8.4-unstable-2025-07-16
nixos-25.11 0.8.4-unstable-2025-07-16
- nixos-25.11-small 0.8.4-unstable-2025-07-16
- nixpkgs-25.11-darwin 0.8.4-unstable-2025-07-16

pkgs.bettercap

Man in the middle tool

nixos-unstable 2.41.5
- nixpkgs-unstable 2.41.5
- nixos-unstable-small 2.41.5
nixos-25.11 2.41.4
- nixos-25.11-small 2.41.4
- nixpkgs-25.11-darwin 2.41.4

Package maintainers

@y0no Yoann Ono <y0no@y0no.fr>
@pSub Pascal Wittmann <mail@pascal-wittmann.de>

Permalink CVE-2010-3843

created 2 months ago Activity log

Created suggestion 2 months ago

The GTK version of ettercap uses a global settings file …

The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack.

References

https://bugzilla.redhat.com/show_bug.cgi?id=643453 x_transferredx_refsource_MISC
https://bugs.launchpad.net/ubuntu/+source/ettercap/+bug/656347 x_transferredx_refsource_MISC
http://article.gmane.org/gmane.comp.security.oss.general/3660 x_transferredx_refsource_MISC

Affected products

ettercap

==ettercap 0.7.5

Matching in nixpkgs

pkgs.ettercap

Comprehensive suite for man in the middle attacks

nixos-unstable 0.8.4-unstable-2025-07-16
- nixpkgs-unstable 0.8.4-unstable-2025-07-16
- nixos-unstable-small 0.8.4-unstable-2025-07-16
nixos-25.11 0.8.4-unstable-2025-07-16
- nixos-25.11-small 0.8.4-unstable-2025-07-16
- nixpkgs-25.11-darwin 0.8.4-unstable-2025-07-16

pkgs.bettercap

Man in the middle tool

nixos-unstable 2.41.5
- nixpkgs-unstable 2.41.5
- nixos-unstable-small 2.41.5
nixos-25.11 2.41.4
- nixos-25.11-small 2.41.4
- nixpkgs-25.11-darwin 2.41.4

Package maintainers

@y0no Yoann Ono <y0no@y0no.fr>
@pSub Pascal Wittmann <mail@pascal-wittmann.de>