I have SuSE 7.3 Pro, and I have tested:

ettercap 0.6.2 (c) 2001 ALoR & NaGA

linux:~ # ettercap %x%x%x%x%x%x%x
Invalid host address %x%x%x%x%x%x%x !!

On 04.12.2001 19:33:16, Blue Boar <BlueBoarat_private> wrote:
>Gobbles sent another post to vuln-dev today, which was rejected due
>to personal attacks in their note. I want to check out their claim,
>however. If you want to see their original posting, it's on their
>web site like the others, I'm sure. It includes a claimed exploit,
>which cannot be posted due to their wishes that it not be separated
>from the advisory. If someone wants to write an independent exploit,
>I'd be happy to post that, provided it follows the list rules,
>of course.
>
>Here's the basic problem:
>
>ettercap %x%x%x%x%x%x%x
>ettercap 0.6.2 brought from the dark side of the net by ALoR and NaGA...
>
>may the packets be with you...
>
>
>Invalid host address 807a0ef807a0e900bffffb71bffff850805ad52 !!
>
>Gobbles' point is that there is an option to configure it suid,
>so this could be exploitable when that is used. Why someone
>would want a packet capture program to be used by non-priv users..
>Well, I'm sure there's a good reason somewhere in the world.
>
>Is anyone using it that way? Are there OS distributions that come
>with Ettercap installed by default? And, of course, is it suid?
>(I can't imagine it would be.) The workaround is obvious, don't
>run it suid or allow remote users who do not already have a shell
>to execute it with a command-line parameter (such as via a web
>interface.)
>
> BB
>
>
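The two outputs in this thread are what the same error path prints when the user's argument is used as the format string (directives expanded) and when it is passed as data (printed literally). The following is an added example, not part of the original messages and not ettercap's source; report(), host_error_unsafe() and host_error_safe() are hypothetical names used only to show the pattern and its fix.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical printf-style error reporter (name and signature are
 * assumptions for this example, not taken from ettercap). */
static int report(char *out, size_t n, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int len = vsnprintf(out, n, fmt, ap);
    va_end(ap);
    return len;
}

/* VULNERABLE: the finished message, which contains the user's argument,
 * is handed over as the format string, so "%x" in the argument is
 * interpreted as a conversion directive with no matching argument. */
static int host_error_unsafe(char *out, size_t n, const char *host)
{
    char msg[256];
    snprintf(msg, sizeof msg, "Invalid host address %s !!", host);
    return report(out, n, msg);
}

/* HARDENED: the format is a constant; the user's argument is only data. */
static int host_error_safe(char *out, size_t n, const char *host)
{
    return report(out, n, "Invalid host address %s !!", host);
}

int main(void)
{
    const char *arg = "%x%x%x%x%x%x%x";  /* the argument used in the thread */
    char buf[512];

    host_error_safe(buf, sizeof buf, arg);
    printf("safe:   %s\n", buf);         /* directives printed literally */

    /* Undefined behaviour: typically prints stack or register words, as
     * in the quoted output. With an ordinary host name both functions
     * produce the same text, which is why the bug goes unnoticed. */
    host_error_unsafe(buf, sizeof buf, arg);
    printf("unsafe: %s\n", buf);
    return 0;
}
```

Declaring report() with __attribute__((format(printf, 3, 4))) lets gcc's -Wformat-security flag the call in host_error_unsafe() at compile time.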