Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Ettercap
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Ettercap
ID: FEDORA-2015-4020
Distribution: Fedora
Plattformen: Fedora 20
Datum: Do, 26. März 2015, 23:07
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6395
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6396
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9376
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9377
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9381
Applikationen: Ettercap

Originalnachricht

Name        : ettercap
Product : Fedora 20
Version : 0.8.2
Release : 1.fc20
URL : http://ettercap.sourceforge.net
Summary : Network traffic sniffer/analyser, NCURSES interface version
Description :
Ettercap is a suite for man in the middle attacks on LAN. It features
sniffing of live connections, content filtering on the fly and many other
interesting tricks. It supports active and passive dissection of many
protocols (even ciphered ones) and includes many feature for network and host
analysis.

-------------------------------------------------------------------------------
-
Update Information:

0.8.2-Ferri


Bug Fix
!! Fixed some openssl deprecated functions usage
!! Fixed log file ownership
!! Fixed mixed output print
!! Fixed drop_privs function usage
!! Fixed nopromisc option usage.
!! Fixed missing break in parser code.
!! Improved redirect commands
!! Fix truncated VLAN packet headers
!! Fix ettercap.rc file (windows only)
!! Various cmake fixes
!! A ton of BSD bug fixes
!! Simplify macosx cmake files
!! Fix incorrect sequence number after TCP injection
!! Fix pcap length, and aligment problems with libpcap
!! Bug fixes and gtk code refactor (gtk box wrapper)
!! Fix some ipv6 send issues
!! Fixed sleep time on Windows (high CPU usage)
!! Fixed many CVE vulnerabilities (some of them already fixed in
0.8.1)
- CVE-2014-6395 (Length Parameter Inconsistency)
- CVE-2014-6396 (Arbitrary write)
- CVE-2014-9376 (Negative index/underflow)
- CVE-2014-9377 (Heap overflow)
- CVE-2014-9378 (Unchecked return value)
- CVE-2014-9379 (Incorrect cast)
- CVE-2014-9380 (Buffer over-read)
- CVE-2014-9381 (Signedness error)

New Features
+ Updated etter.finger.mac
+ Add TXT and ANY query support on dns_spoof
+ New macosx travis-ci build!
+ Enable again PDF generation

Removed
- Remove gprof support

-------------------------------------------------------------------------------
-
ChangeLog:

* Mon Mar 16 2015 Jon Ciesla <limburgher@gmail.com> - 0.8.2-1
- Latest upstream.
* Tue Dec 16 2014 Jon Ciesla <limburgher@gmail.com> - 0.8.1-2
- Patches for multiple CVEs
* Mon Nov 3 2014 Jon Ciesla <limburgher@gmail.com> - 0.8.1-1
- 0.8.1.
* Sat Aug 16 2014 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 0.8.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 0.8.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update ettercap' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung