Fedora has issued an advisory today (March 14): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Q6NUJRIY4LV42YSZYHP34LOL73PN4ZO2/ The upstream commit that fixed the issue is linked from the RedHat bug: https://bugzilla.redhat.com/show_bug.cgi?id=1429571 Mageia 5 is also affected.
Whiteboard: (none) => MGA5TOO
CC: (none) => marja11Assignee: bugsquad => pterjan
CC: (none) => mageiaCVE: (none) => CVE-2017-6430
fixed in cauldron
Whiteboard: MGA5TOO => (none)Version: Cauldron => 5
New version uploaded in updates_testing: src.rpm: ettercap-0.8.2-1.mga5
Assignee: pterjan => qa-bugs
Advisory: ======================== Updated ettercap packages fix security vulnerability: Etterfilter utility of Ettercap have an out-of-bounds read denial-of-service vulnerability when parsing a crafted file. This occurs in the compile_tree function of the ef_compiler.c source file when processing corrupted filters (CVE-2017-6430). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6430 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/Q6NUJRIY4LV42YSZYHP34LOL73PN4ZO2/ ======================== Updated packages in core/updates_testing: ======================== ettercap-0.8.2-1.mga5 libettercap0-0.8.2-1.mga5 from ettercap-0.8.2-1.mga5.src.rpm
MGA5-32 on Asus A6000VM Xfce No installation issues Ettercap only runs validly as root so # ettercap -T ettercap 0.8.2 copyright 2001-2015 Ettercap Development Team Listening on: wlp0s29f7u4 -> 80:1F:02:4A:FD:EB 192.168.2.6/255.255.255.0 fe80::821f:2ff:fe4a:fdeb/64 SSL dissection needs a valid 'redir_command_on' script in the etter.conf file Privileges dropped to EUID 65534 EGID 65534... and a lot more ..... ettercap -G & ettercap -C opens ettercap dialog window and there connections etc... are shown. OK for me.
Whiteboard: (none) => MGA5-32-OKCC: (none) => herman.viaene
CC: (none) => lewyssmithWhiteboard: MGA5-32-OK => MGA5-32-OK advisory
Prior to testing, some background:- "ettercap - Ncurses/Gtk2 based sniffer/interceptor utility" /usr/bin/ettercap multipurpose sniffer/content filter /usr/bin/ettercap-pkexec graphical pkexec-based launcher for ettercap /usr/bin/etterfilter Filter compiler for ettercap content filtering engine /usr/bin/etterlog Log analyzer for ettercap log files The essential is: # ettercap -T to dump to the console # ettercap -C for the curses interface # ettercap -G for the GUI The last two have a good help menu '?'; all the man output is comprehensive. -h for help. Using just -T dumps everything to the console. I never got anywhere with -C or -G beyond displaying and playing with the nice & fully functional interfaces: despite which I could not get any output, nor any log file accepted.
Testing M5 x64 BEFORE the update I had just 'ettercap-0.8.0-6.mga5', and lib64ettercap0 could not be found anywhere. DOING the update, after selecting 'ettercap-0.8.2-1.mga5.x86_64' the following additional pkgs were suddenly declared as required: - lib64ettercap0-0.8.2-1.mga5.x86_64 - lib64net-devel-1.1.6-5.mga5.x86_64 - lib64nl-cli3_200-3.2.25-3.1.mga5.x86_64 - lib64nl-genl3_200-3.2.25-3.1.mga5.x86_64 - lib64nl-nf3_200-3.2.25-3.1.mga5.x86_64 - lib64nl-route3_200-3.2.25-3.1.mga5.x86_64 - lib64nl3-devel-3.2.25-3.1.mga5.x86_64 - lib64nl3_200-3.2.25-3.1.mga5.x86_64 - lib64pcap-devel-1.8.1-1.mga5.x86_64 - libnl3-config-3.2.25-3.1.mga5.noarch Is this just the result of the version change? AFTER the update: # ettercap -I ettercap 0.8.2 copyright 2001-2015 Ettercap Development Team List of available Network Interfaces: enp4s0 enp4s0 lo Local Loopback bluetooth-monitor Bluetooth Linux Monitor usbmon1 USB bus number 1 etc # ettercap -T|C|G all worked satisfactorily within my limits noted in Comment 5. Update looks OK. Validating.
Keywords: (none) => validated_updateWhiteboard: MGA5-32-OK advisory => MGA5-32-OK advisory MGA5-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0130.html
Status: NEW => RESOLVEDResolution: (none) => FIXED