Debian: New ettercap packages fix arbitrary code execution

    Date10 Jul 2005
    CategoryDebian
    5654
    Posted ByJoe Shakespeare
    A vulnerability was discovered in the ettercap package which could allow a remote attacker to execute arbitrary code on the system running ettercap.
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA 749-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    http://www.debian.org/security/                            Michael Stone
    July 10, 2005                         http://www.debian.org/security/faq
    - ------------------------------------------------------------------------
    
    Package        : ettercap
    Vulnerability  : arbitrary code execution
    Problem type   : format string error
    Debian-specific: no
    CVE Id(s)      : CAN-2005-1796
    
    A vulnerability was discovered in the ettercap package which could allow
    a remote attacker to execute arbitrary code on the system running
    ettercap.
    
    The old stable distribution (woody) did not include ettercap.
    
    For the stable distribution (sarge), this problem has been fixed in
    version 0.7.1-1sarge1.
    
    For the unstable distribution (sid), this problem has been fixed in
    version 0.7.3-1.
    
    We recommend that you upgrade your ettercap package.
    
    Upgrade instructions
    - --------------------
    
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    
    
    Debian 3.1 (sarge)
    - ------------------
    
      sarge was released for alpha, arm, hppa, i386, ia64, m68k, mips, mipsel, powerpc, s390 and sparc.
    
      Source archives:
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1.orig.tar.gz
          Size/MD5 checksum:  1121758 f769039e0e967e9e09d0365fe358d683
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1.diff.gz
          Size/MD5 checksum:     4027 409603f119d07401bf7671b317e8ccef
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1.dsc
          Size/MD5 checksum:      746 12b96cbc18bdb3bd7b431efbbfa73c34
    
      alpha architecture (DEC Alpha)
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_alpha.deb
          Size/MD5 checksum:   262674 3360122f7ee141aa6f2d410f4f834933
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_alpha.deb
          Size/MD5 checksum:   318266 4b09b93eba161a30b2f6cd28c33d0f1d
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_alpha.deb
          Size/MD5 checksum:   221836 dbe0a871072bcd8d90318b271af1952b
    
      arm architecture (ARM)
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_arm.deb
          Size/MD5 checksum:   202390 6feb651f0b27a18e36612804388356e8
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_arm.deb
          Size/MD5 checksum:   288022 062a0e8b4fdc2985a5bf9f5a0bc14fc4
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_arm.deb
          Size/MD5 checksum:   169426 b08226c852071b61b66c16fd012412ec
    
      hppa architecture (HP PA RISC)
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_hppa.deb
          Size/MD5 checksum:   304744 59be8a0479f3b0c9512e5193865c6bc2
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_hppa.deb
          Size/MD5 checksum:   227462 c364ecfec15360338b93176d45d759f3
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_hppa.deb
          Size/MD5 checksum:   190422 abbb689c039c829ab4358c4983c96c96
    
      i386 architecture (Intel ia32)
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_i386.deb
          Size/MD5 checksum:   208398 91059e61c393851e8edb3b841450b46d
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_i386.deb
          Size/MD5 checksum:   286292 be3fff62821300e02ee004deb7a3bf91
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_i386.deb
          Size/MD5 checksum:   173010 cba1a300d2d2add3c7c8720c287a7d10
    
      ia64 architecture (Intel ia64)
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_ia64.deb
          Size/MD5 checksum:   331966 f316f4df7dfc6ea666288f7aa1ef955b
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_ia64.deb
          Size/MD5 checksum:   256862 64f34b09f95832daa6de66f4e5a9be0b
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_ia64.deb
          Size/MD5 checksum:   304328 6781371e63adcedd74db7a9435f77a64
    
      m68k architecture (Motorola Mc680x0)
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_m68k.deb
          Size/MD5 checksum:   153950 310081b9ca119d2ce58c4cc779ea93c9
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_m68k.deb
          Size/MD5 checksum:   182234 6cea01aa78d8ab57b7365bcf1977f26a
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_m68k.deb
          Size/MD5 checksum:   284704 9fb2cbc636754bc116bb92136cd662c2
    
      mips architecture (MIPS (Big Endian))
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_mips.deb
          Size/MD5 checksum:   180014 430dad7d762ab3d21ffdf5452d038a6f
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_mips.deb
          Size/MD5 checksum:   296628 9dceaed8c2623ddb45a82b95f3c44480
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_mips.deb
          Size/MD5 checksum:   210476 53c398ef40193a1fc5eede9f8b6d5e76
    
      mipsel architecture (MIPS (Little Endian))
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_mipsel.deb
          Size/MD5 checksum:   298032 f599e9ca6ecf52622ccfcb3ac6f20bf3
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_mipsel.deb
          Size/MD5 checksum:   182216 1ea0f7044b6b65c56b0d7ebd23842705
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_mipsel.deb
          Size/MD5 checksum:   212338 c8e0734ab8090a77c84d63b57086dc06
    
      powerpc architecture (PowerPC)
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_powerpc.deb
          Size/MD5 checksum:   322336 e7ab6f5e567b2cc271f180cb16f70476
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_powerpc.deb
          Size/MD5 checksum:   179370 b1f750e38e742030932ab076d4e62eac
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_powerpc.deb
          Size/MD5 checksum:   212186 96860165bf4e4e796eeaaea7d8ea4e51
    
      s390 architecture (IBM S/390)
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_s390.deb
          Size/MD5 checksum:   296358 e2d6fac489aaca1da105b103dcf3c84c
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_s390.deb
          Size/MD5 checksum:   183506 d181a9d198e471ad6634c9b7b3fb6b18
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_s390.deb
          Size/MD5 checksum:   216164 f480772db37197c2ed364b61185e90f6
    
      sparc architecture (Sun SPARC/UltraSPARC)
    
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_sparc.deb
          Size/MD5 checksum:   289156 f3de4592a6ec6678c36499fe6ed59915
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_sparc.deb
          Size/MD5 checksum:   169062 880af57dc7c562dbd0a668878115b5f4
        http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_sparc.deb
          Size/MD5 checksum:   201582 08f5653424161a44534bb0c5346cab53
    
    - -------------------------------------------------------------------------------
    For apt-get: deb http://security.debian.org/ stable/updates main
    For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"4","type":"x","order":"1","pct":57.14,"resources":[]},{"id":"88","title":"Should be more technical","votes":"2","type":"x","order":"2","pct":28.57,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":14.29,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.