CVE-2013-0722 - Vulnerability Details - OpenCVE

Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ettercap-project	Ettercap

Configuration 1 [-]

OR	cpe:2.3:a:ettercap-project:ettercap::::::::
	cpe:2.3:a:ettercap-project:ettercap:0.6.3.1:::::::*
	cpe:2.3:a:ettercap-project:ettercap:0.7.2:::::::*
	cpe:2.3:a:ettercap-project:ettercap:0.7.3:::::::*
	cpe:2.3:a:ettercap-project:ettercap:0.7.4:::::::*
	cpe:2.3:a:ettercap-project:ettercap:0.7.4.1:::::::*
	cpe:2.3:a:ettercap-project:ettercap:0.7.5:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/51731
http://www.exploit-db.com/exploits/23945/
http://www.securation.com/files/2013/01/ec.patch
http://www.securityfocus.com/bid/57175
https://bugs.gentoo.org/show_bug.cgi?id=451198
https://bugzilla.redhat.com/show_bug.cgi?id=894092

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2013-01-11T22:00:00

Updated: 2024-08-06T14:33:05.535Z

Reserved: 2013-01-02T00:00:00

Link: CVE-2013-0722

Vulnrichment

No data.

NVD

Status : Modified

Published: 2013-01-11T22:55:01.667

Modified: 2024-11-21T01:48:04.150

Link: CVE-2013-0722

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-01-07T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-06T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.securation.com/files/2013/01/ec.patch"}, {"name": "23945", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/23945/"}, {"name": "51731", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51731"}, {"name": "57175", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/57175"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=451198"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894092"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-0722", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.securation.com/files/2013/01/ec.patch", "refsource": "MISC", "url": "http://www.securation.com/files/2013/01/ec.patch"}, {"name": "23945", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/23945/"}, {"name": "51731", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51731"}, {"name": "57175", "refsource": "BID", "url": "http://www.securityfocus.com/bid/57175"}, {"name": "https://bugs.gentoo.org/show_bug.cgi?id=451198", "refsource": "CONFIRM", "url": "https://bugs.gentoo.org/show_bug.cgi?id=451198"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=894092", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894092"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:33:05.535Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securation.com/files/2013/01/ec.patch"}, {"name": "23945", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/23945/"}, {"name": "51731", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51731"}, {"name": "57175", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/57175"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=451198"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894092"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-0722", "datePublished": "2013-01-11T22:00:00", "dateReserved": "2013-01-02T00:00:00", "dateUpdated": "2024-08-06T14:33:05.535Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ettercap-project:ettercap:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD6B6096-C0C1-4B44-B093-46C5EB4F225B", "versionEndIncluding": "0.7.5.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ettercap-project:ettercap:0.6.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1C1E667A-42E3-42E9-9BFC-F2CE7AC315C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ettercap-project:ettercap:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "AB5F208A-D2C2-4EB7-9114-BBBFEDB85F28", "vulnerable": true}, {"criteria": "cpe:2.3:a:ettercap-project:ettercap:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "D2978311-721E-41CB-9F3B-6C6B8F492A1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ettercap-project:ettercap:0.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "67C5AFC4-D295-40DC-B595-08EE008B32B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ettercap-project:ettercap:0.7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "33D13D1D-80B4-4D6D-84AA-1285478542A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ettercap-project:ettercap:0.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "32F0A97E-397A-4799-B325-A4DF992D7482", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en la funci\u00f3n scan_load_hosts en ec_scan.c en Ettercap v0.7.5.1 y anteriores podr\u00eda permitir a usuarios locales obetner privilegios a trav\u00e9s de una lista de hosts troyanizada conteniendo una l\u00ednea larga."}], "id": "CVE-2013-0722", "lastModified": "2024-11-21T01:48:04.150", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-01-11T22:55:01.667", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51731"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/23945/"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securation.com/files/2013/01/ec.patch"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/57175"}, {"source": "cve@mitre.org", "url": "https://bugs.gentoo.org/show_bug.cgi?id=451198"}, {"source": "cve@mitre.org", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894092"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51731"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/23945/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securation.com/files/2013/01/ec.patch"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/57175"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.gentoo.org/show_bug.cgi?id=451198"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=894092"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}