Overview
Ettercap has a format string vulnerability in the ncurses user interface.
Description
Ettercap is open-source software designed for man-in-the-middle attacks on LANs. Ettercap contains multiple user interfaces, including one written using ncurses, a library for manipulating text screens. In Ettercap v.NG-0.7.2, the ncurses user interface suffers from a format string defect. Previous versions may also be vulnerable. curses_msg() in ec_curses.c calls wdg_scroll_print(), which takes a format string and its parameters and passes it to vw_printw(). curses_msg() uses one of its parameters as the format string. This input can include user-data, allowing for a format string vulnerability. |
Impact
According to public reports, if Ettercap is running in ncurses mode, a malicious network packet can be constructed to execute arbitrary code. |
Solution
Upgrade to Ettercap v.NG-0.7.3 or later. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This report was created based on information from Ettercap maintainers.
This document was written by Hal Burch.
Other Information
| CVE IDs: | CVE-2005-1796 |
| Severity Metric: | 8.11 |
| Date Public: | 2005-05-31 |
| Date First Published: | 2005-07-06 |
| Date Last Updated: | 2005-07-11 19:08 UTC |
| Document Revision: | 19 |