| Severity |
|
| Remote |
|
| Type |
| + |
Arbitrary code execution |
|
| Description |
| + |
The strescape function in ec_strings.c in Ettercap 0.8.2 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code via a crafted filter that is mishandled by etterfilter. |
|
| References |
| + |
https://github.com/Ettercap/ettercap/issues/792 |
| + |
https://github.com/Ettercap/ettercap/issues/789 |
| + |
https://github.com/Ettercap/ettercap/commit/1083d604930ebb9f350126b83802ecd2cbc17f90 |
|
| Notes |
|