Vulnerabilities > CVE-2010-3843 - Unspecified vulnerability in Ettercap-Project Ettercap 0.7.3

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
ettercap-project
nessus

Summary

The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack.

Vulnerable Configurations

Part Description Count
Application
Ettercap-Project
1

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-1054.NASL
    descriptionNew upstream, and patch for insecure global settings file. Restored RPM_OPT_FLAGS to build. New upstream, and patch for insecure global settings file. New upstream, and patch for insecure global settings file. New upstream, and patch for insecure global settings file. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-02-09
    plugin id57866
    published2012-02-09
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/57866
    titleFedora 16 : ettercap-0.7.4-3.fc16 (2012-1054)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2012-1066.NASL
    descriptionNew upstream, and patch for insecure global settings file. Restored RPM_OPT_FLAGS to build. New upstream, and patch for insecure global settings file. New upstream, and patch for insecure global settings file. New upstream, and patch for insecure global settings file. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2012-02-09
    plugin id57867
    published2012-02-09
    reporterThis script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/57867
    titleFedora 15 : ettercap-0.7.4-3.fc15 (2012-1066)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2013-077.NASL
    descriptionUpdated ettercap package fixes security vulnerability : The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read\(\) (src/interfaces/gtk/ec_gtk_conf.c), an unchecked sscanf\(\) call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack (CVE-2010-3843).
    last seen2020-06-01
    modified2020-06-02
    plugin id66091
    published2013-04-20
    reporterThis script is Copyright (C) 2013-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/66091
    titleMandriva Linux Security Advisory : ettercap (MDVSA-2013:077)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201405-12.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201405-12 (Ettercap: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Ettercap: Ettercap does not handle temporary files securely (CVE-2010-3843). A format string flaw in Ettercap could cause a buffer overflow (CVE-2010-3844). A stack-based buffer overflow exists in Ettercap (CVE-2013-0722). Impact : A remote attacker could entice a user to load a specially crafted configuration file using Ettercap, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id74055
    published2014-05-19
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/74055
    titleGLSA-201405-12 : Ettercap: Multiple vulnerabilities