Arbitrary Code Execution and Denial of Service Vulnerability in Ettercap's PostgreSQL Dissector
CVE-2014-6396 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.