int(1684)

Boletines de Vulnerabilidades

Bug de formato en Ettercap

Clasificación de la vulnerabilidad
Propiedad Valor
Nivel de Confianza Oficial
Impacto Obtener acceso
Dificultad Experto
Requerimientos del atacante Acceso remoto sin cuenta a un servicio exotico

Información sobre el sistema
Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado Ettercap <0.7.3

Descripción
Se ha descubierto un bug de formato en las versiones anteriores a la 0.7.3 de ettercap. La vulnerabilidad reside en la interfaz Ncurses, concretamente en la función curses_msg().

La explotación de esta vulnerabilidad podría permitir a un atacante remoto ejecutar código arbitrario.

Solución
Si lo desea, aplique los mecanismos de actualización propios de su distribución, o bien baje las fuentes del software y compílelo usted mismo.


Actualización de software

Ettercap
Ettercap 0.7.3
http://prdownloads.sourceforge.net/ettercap/ettercap-NG-0.7.3.tar.gz?download

Debian Linux

Debian Linux 3.1
Source
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1.orig.tar.gz
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1.diff.gz
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1.dsc
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_alpha.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_alpha.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_alpha.deb
arm architecture (ARM)
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_arm.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_arm.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_arm.deb
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_hppa.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_hppa.deb
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_i386.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_i386.deb
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_ia64.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_ia64.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_ia64.deb
m68k architecture (Motorola Mc680x0)
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_m68k.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_m68k.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_m68k.deb
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_mips.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_mips.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_mips.deb
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_mipsel.deb
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_powerpc.deb
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_s390.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_s390.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_s390.deb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_sparc.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_sparc.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_sparc.deb

Debian (DSA 773-1)

Debian Linux 3.1
AMD64
http://security.debian.org/pool/updates/main/e/ettercap/ettercap_0.7.1-1sarge1_amd64.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-common_0.7.1-1sarge1_amd64.deb
http://security.debian.org/pool/updates/main/e/ettercap/ettercap-gtk_0.7.1-1sarge1_amd64.deb

Debian Linux (zsync)

Debian Linux 3.1
Source
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1.dsc
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1.diff.gz
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3.orig.tar.gz
Alpha
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_alpha.deb
AMD64
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_amd64.deb
ARM
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/z/zsync/zsync_0.3.3-1.sarge.1_sparc.deb

Identificadores estándar
Propiedad Valor
CVE CAN-2005-1796
BID 13820

Recursos adicionales
Debian Security Advisory DSA 749-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00134.html

Debian Security Advisory DSA 773-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00160.html

Debian Security Advisory DSA 797-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00186.html

Histórico de versiones
Versión Comentario Fecha
1.0 Aviso emitido 2005-07-11
1.1 Aviso emitido por Debian (DSA 773-1) 2005-08-31
1.2 Aviso emitido por Debian (DSA 797-1) 2005-09-05

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT