CVE-2017-8366

Source
Severity High
Remote No
Type Arbitrary code execution
Description
The strescape function in ec_strings.c in Ettercap 0.8.2 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code via a crafted filter that is mishandled by etterfilter.
Group Package Affected Fixed Severity Status Ticket
AVG-212 ettercap 0.8.2-4 0.8.2-5 High Fixed
Date Advisory Group Package Severity Description
18 Sep 2017 ASA-201709-16 AVG-212 ettercap High multiple issues
References
https://github.com/Ettercap/ettercap/issues/792
https://github.com/Ettercap/ettercap/issues/789
https://github.com/Ettercap/ettercap/commit/1083d604930ebb9f350126b83802ecd2cbc17f90