|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Rain Forest Puppy (rfp
vulnwatch.org)Date: Wed Dec 12 2001 - 18:13:24 CST
Ok, I've chosen to do this the simple way.
Ettercap 0.6.3 was released today (Dec 12th), and has fixes for various
buffer overflows. One particular one is outlined by GOBBLES in their
latest advisory at:
http://www.bugtraq.org/dev/GOBBLES-12.txt
Basically there's a overflow in parsing the IRC identity command
parameters. Anyone using ettercap to sniff IRC sessions could potentially
be exploited, and since ettercap requires root privileges, this might be
bad.
The ettercap authors also removed the install-suid option, and fixed
some other stuff which might lead to the same type of problem. So
if you're using ettercap, consider upgrading.
Someone also hinted at possible alignment problems in the GOBBLES exploit,
so your mileage may vary, assuming you actually trust third-party exploits
enough to run them. Keep in mind there have been a lot of fakes and
trojans lately.
Enjoy,
- rfp
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]