Bug#311615: ettercap: [CAN-2005-1796] buffer overflow in ec_curses.c

Thu, 02 Jun 2005 03:38:48 -0700 

tags 311615 + patch pending
thanks

Hi,

Here's a patch to fix the vulnerability, taken from diffing upstream
sources.  Despite the changelog, I've not uploaded this.  Please apply
the patch and upload it, or let me know and I'll do it.  Thanks.

You might also want to run it by the testing-security folks.


diff -urN ettercap-0.7.1.old/debian/changelog ettercap-0.7.1/debian/changelog
--- ettercap-0.7.1.old/debian/changelog 2005-06-02 10:48:15.000000000 +0100
+++ ettercap-0.7.1/debian/changelog     2005-06-02 11:12:40.968301000 +0100
@@ -1,3 +1,12 @@
+ettercap (1:0.7.1-1.1) unstable; urgency=high
+
+  * Non-maintainer upload.
+  * Fix buffer overflow in src/interfaces/curses/ec_curses.c,
+    backported from version 0.7.3 (CAN-2005-1796; Closes: #311615).
+    Thanks to Martin Pitt for reporting this vulnerability.
+
+ -- Roger Leigh <[EMAIL PROTECTED]>  Thu,  2 Jun 2005 11:12:34 +0100
+
 ettercap (1:0.7.1-1) unstable; urgency=low
 
   * New upstream release
diff -urN ettercap-0.7.1.old/src/interfaces/curses/ec_curses.c 
ettercap-0.7.1/src/interfaces/curses/ec_curses.c
--- ettercap-0.7.1.old/src/interfaces/curses/ec_curses.c        2004-05-12 
16:27:06.000000000 +0100
+++ ettercap-0.7.1/src/interfaces/curses/ec_curses.c    2005-06-02 
11:06:59.402226936 +0100
@@ -172,7 +172,7 @@
    if (sysmsg_win == NULL)
       return;
 
-   wdg_scroll_print(sysmsg_win, EC_COLOR, (char *)msg);
+   wdg_scroll_print(sysmsg_win, EC_COLOR, "%s", (char *)msg);
 }
 
 
----end of diff----


Regards,
Roger

-- 
Roger Leigh
                Printing on GNU/Linux?  http://gimp-print.sourceforge.net/
                Debian GNU/Linux        http://www.debian.org/
                GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to