cbcvebase.
CVE-2014-6396
published 2014-12-19

CVE-2014-6396: The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly…

PriorityP339high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
3.59%
88.0th percentile
The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianettercap< ettercap 1:0.8.1-3 (bookworm)ettercap 1:0.8.1-3 (bookworm)
ettercap-projectettercap<= 0.8.0
ettercap-projectettercap>= 0 < 1:0.8.1-31:0.8.1-3
ettercap-projectettercap>= 0 < 1:0.8.1-31:0.8.1-3
ettercap-projectettercap>= 0 < 1:0.8.1-31:0.8.1-3
ettercap-projectettercap>= 0 < 1:0.8.1-31:0.8.1-3

CVSS provenance

nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.