CVE-2017-6430
published 2017-03-15CVE-2017-6430: The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service…
PriorityP422medium5.5CVSS 3.0
AVLACLPRNUIRSUCNINAH
EPSS
1.97%
78.0th percentile
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | ettercap | < ettercap 1:0.8.2-4 (bookworm) | ettercap 1:0.8.2-4 (bookworm) |
| ettercap-project | ettercap | <= 0.8.2 | — |
| ettercap-project | ettercap | >= 0 < 1:0.8.2-4 | 1:0.8.2-4 |
| ettercap-project | ettercap | >= 0 < 1:0.8.2-4 | 1:0.8.2-4 |
| ettercap-project | ettercap | >= 0 < 1:0.8.2-4 | 1:0.8.2-4 |
| ettercap-project | ettercap | >= 0 < 1:0.8.2-4 | 1:0.8.2-4 |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv5.5MEDIUM
vendor_debian5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-j8fm-f42x-52jx: The compile_tree function in ef_compiler
ghsa_unreviewed·2022-05-13
CVE-2017-6430 [MEDIUM] CWE-125 GHSA-j8fm-f42x-52jx: The compile_tree function in ef_compiler
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter.
OSV
CVE-2017-6430: The compile_tree function in ef_compiler
osv·2017-03-15·CVSS 5.5
CVE-2017-6430 [MEDIUM] CVE-2017-6430: The compile_tree function in ef_compiler
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter.
Debian
CVE-2017-6430: ettercap - The compile_tree function in ef_compiler.c in the Etterfilter utility in Etterca...
vendor_debian·2017·CVSS 5.5
CVE-2017-6430 [MEDIUM] CVE-2017-6430: ettercap - The compile_tree function in ef_compiler.c in the Etterfilter utility in Etterca...
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter.
Scope: local
bookworm: resolved (fixed in 1:0.8.2-4)
bullseye: resolved (fixed in 1:0.8.2-4)
forky: resolved (fixed in 1:0.8.2-4)
sid: resolved (fixed in 1:0.8.2-4)
trixie: resolved (fixed in 1:0.8.2-4)
No detection rules found.
No public exploits indexed.
http://www.debian.org/security/2017/dsa-3874http://www.securityfocus.com/archive/1/540223/100/0/threadedhttp://www.securityfocus.com/bid/96582http://www.securitytracker.com/id/1038057https://github.com/Ettercap/ettercap/issues/782https://github.com/LocutusOfBorg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506http://www.debian.org/security/2017/dsa-3874http://www.securityfocus.com/archive/1/540223/100/0/threadedhttp://www.securityfocus.com/bid/96582http://www.securitytracker.com/id/1038057https://github.com/Ettercap/ettercap/issues/782https://github.com/LocutusOfBorg/ettercap/commit/626dc56686f15f2dda13c48f78c2a666cb6d8506
2017-03-15
Published