CVE-2014-9380
ettercap - security update
EPSS 0.89%
Description
The dissector_cvs function in dissectors/ec_cvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a packet containing only a CVS_LOGIN signature.
How to fix CVE-2014-9380
To remediate CVE-2014-9380, upgrade the affected package to one of the fixed versions listed below.
- Debian/ettercap—upgrade to 1:0.8.1-3 or later
- Debian/ettercap—upgrade to 1:0.7.3-2.1+squeeze2 or later
Is CVE-2014-9380 being exploited?
Low — EPSS is 0.9%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1:0.8.1-3
- from 0, < 1:0.7.3-2.1+squeeze2