Candidate: CVE-2014-6395
PublicDate: 2014-12-19 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6395
 https://www.obrela.com/home/security-labs/advisories/osi-advisory-osi-1402/
 https://github.com/Ettercap/ettercap/commit/e3abe7d7585ecc420a7cab73313216613aadad5a
Description:
 Heap-based buffer overflow in the dissector_postgresql function in
 dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers
 to cause a denial of service or possibly execute arbitrary code via a
 crafted password length value that is inconsistent with the actual length
 of the password.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773416
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_ettercap:
upstream_ettercap: released (1:0.8.1-3)
lucid_ettercap: ignored (reached end-of-life)
precise_ettercap: ignored (reached end-of-life)
precise/esm_ettercap: DNE (precise was needed)
trusty_ettercap: ignored (reached end-of-life)
trusty/esm_ettercap: DNE (trusty was needed)
utopic_ettercap: ignored (reached end-of-life)
vivid_ettercap: not-affected (1:0.8.1-3)
vivid/stable-phone-overlay_ettercap: DNE
vivid/ubuntu-core_ettercap: DNE
wily_ettercap: not-affected (1:0.8.1-3)
xenial_ettercap: not-affected (1:0.8.1-3)
yakkety_ettercap: not-affected (1:0.8.1-3)
zesty_ettercap: not-affected (1:0.8.1-3)
artful_ettercap: not-affected (1:0.8.1-3)
bionic_ettercap: not-affected (1:0.8.1-3)
cosmic_ettercap: not-affected (1:0.8.1-3)
disco_ettercap: not-affected (1:0.8.1-3)
devel_ettercap: not-affected (1:0.8.1-3)