Nicksampanis

**Name of the Vulnerable Software and Affected Versions** Ettercap versions prior to 0.8.1 **Description** The issue is related to a heap-based buffer overflow in the `dissector postgresql` function, which can be triggered by remote attackers sending a crafted password length value that does not match the actual length of the password. This can lead to a denial of service or potentially allow the execution of arbitrary code. **Recommendations** For versions prior to 0.8.1, update to version 0.8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the `dissector postgresql` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Ettercap versions prior to 0.8.1 **Description** The issue allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length. This is triggered by writing a 0 character to an arbitrary memory location in the dissector postgresql function. **Recommendations** For versions prior to 0.8.1, update to version 0.8.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the dissector postgresql function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Ettercap version 0.8.1 **Description** The issue is caused by an integer underflow, allowing remote attackers to potentially execute arbitrary code or cause a denial of service through an out-of-bounds write. This can be achieved by providing a small size variable value in the `dissector dhcp` function, a specific length value to the `dissector gg` function, or a string length to the `get decode len` function. Additionally, sending a request without a `username` or `password` to the `dissector TN3270` function can also trigger the issue. **Recommendations** For Ettercap version 0.8.1, consider disabling the `dissector dhcp`, `dissector gg`, and `dissector TN3270` functions, as well as restricting the use of the `get decode len` function until a patch is available. Avoid using small size variable values, specific length values, or omitting the `username` or `password` in requests to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Ettercap version 0.8.1 **Description** A heap-based buffer overflow issue exists in the nbns spoof function, located in plug-ins/nbns spoof/nbns spoof.c. This allows remote attackers to potentially cause a denial of service or execute arbitrary code by sending a large netbios packet. **Recommendations** For Ettercap version 0.8.1, consider disabling the nbns spoof function as a temporary workaround until a patch is available. Restrict access to the nbns spoof module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ettercap version 0.8.1 **Description** The issue allows remote attackers to cause a denial of service or possibly execute arbitrary code. This can be achieved by sending a crafted name to the `parse line` function in `mdns spoof/mdns spoof.c` or a base64 encoded password to the `dissector imap` function in `dissectors/ec imap.c`. **Recommendations** For Ettercap version 0.8.1, as a temporary workaround, consider disabling the `parse line` function in `mdns spoof/mdns spoof.c` and the `dissector imap` function in `dissectors/ec imap.c` until a patch is available. Avoid using base64 encoded passwords in the affected `dissector imap` function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ettercap version 0.8.1 **Description** The issue is related to an incorrect cast in the `radius get attribute` function, which can lead to a denial of service (crash) or potentially allow the execution of arbitrary code via unspecified vectors, triggering a stack-based buffer overflow. **Recommendations** For Ettercap version 0.8.1, consider applying a patch or fix that corrects the incorrect cast in the `radius get attribute` function to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Ettercap version 0.8.1 **Description** The issue allows remote attackers to cause a denial of service, specifically an out-of-bounds read, by sending a packet that contains only a CVS LOGIN signature. This is related to the dissector cvs function in the dissectors/ec cvs.c file. **Recommendations** For Ettercap version 0.8.1, consider restricting access to the dissector cvs function in dissectors/ec cvs.c until a patch is available. As a temporary workaround, avoid processing packets containing only a CVS LOGIN signature to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Ettercap version 0.8.1 **Description** The issue is caused by an integer signedness error in the dissector cvs function, which can be exploited by remote attackers to cause a denial of service (crash) via a crafted password. This triggers a large memory allocation. **Recommendations** For Ettercap version 0.8.1, consider disabling the dissector cvs function as a temporary workaround until a patch is available. Restrict access to the affected function to minimize the risk of exploitation. Avoid using crafted passwords in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.