Vulnerability Development mailing list archives
Re: Potential hole in Ettercap 0.6.2
From: Melsa <3Melsa3 () mail ru>
Date: Tue, 04 Dec 2001 20:20:05 +0100
I have SuSE 7.3 Pro, I have tested ettercap 0.6.2 (c) 2001 ALoR & NaGA

linux:~ # ettercap %x%x%x%x%x%x%x
Invalid host address %x%x%x%x%x%x%x !!

On 04.12.2001 19:33:16, Blue Boar <BlueBoar () thievco com> wrote:
> Gobbles sent another post to vuln-dev today, which was rejected due to personal attacks in their note. I want to check out their claim, however. If you want to see their original posting, it's on their web site like the others, I'm sure. It includes a claimed exploit, which cannot be posted due to their wishes that it not be separated from the advisory. If someone wants to write an independent exploit, I'd be happy to post that, provided it follows the list rules, of course.
>
> Here's the basic problem:
>
> ettercap %x%x%x%x%x%x%x
> ettercap 0.6.2 brought from the dark side of the net by ALoR and NaGA...
> may the packets be with you...
> Invalid host address 807a0ef807a0e900bffffb71bffff850805ad52 !!
>
> Gobbles' point is that there is an option to configure it suid, so this could be exploitable when that is used. Why someone would want a packet capture program to be used by non-priv users.. Well, I'm sure there's a good reason somewhere in the world.
>
> Is anyone using it that way? Are there OS distributions that come with Ettercap installed by default? And, of course, is it suid? (I can't imagine it would be.)
>
> The workaround is obvious, don't run it suid or allow remote users who do not already have a shell to execute it with a command-line parameter (such as via a web interface.)
>
> BB
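
The two outputs in this thread (a literal `%x%x%x%x%x%x%x` in one report, hex values in the other) are what a safe and an unsafe printf-style call produce for the same argument. The following is an added example, not Ettercap's source and not code from the thread; `error_msg`, `bad_host_vulnerable` and `bad_host_safe` are hypothetical names, and the inputs are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style error helper; stands in for any routine
 * that treats its argument as a format string. Not Ettercap's code. */
static const char *error_msg(const char *fmt, ...)
{
    static char out[256];
    va_list ap;

    va_start(ap, fmt);
    vsnprintf(out, sizeof out, fmt, ap);
    va_end(ap);
    return out;
}

/* Vulnerable pattern: the message is built first, then passed on as the
 * format, so any '%' in the host argument is interpreted a second time. */
const char *bad_host_vulnerable(const char *host)
{
    char msg[256];

    snprintf(msg, sizeof msg, "Invalid host address %s !!", host);
    return error_msg(msg);
}

/* Hardened pattern: constant format, untrusted text passed only as data. */
const char *bad_host_safe(const char *host)
{
    return error_msg("Invalid host address %s !!", host);
}

int main(void)
{
    /* Constructed inputs. "%%" is a harmless probe: it consumes no
     * arguments, but collapses to "%" if the text is used as a format. */
    const char *probe = "100%%";

    printf("safe:       %s\n", bad_host_safe(probe));
    printf("vulnerable: %s\n", bad_host_vulnerable(probe));
    printf("safe:       %s\n", bad_host_safe("%x%x%x%x%x%x%x"));
    return 0;
}
```

Building with `-Wformat -Wformat-security` flags non-literal format arguments to functions the compiler knows are printf-like, which is the usual way to find this pattern in a code base.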