Arbitrary Code Execution and Denial of Service Vulnerability in Ettercap's PostgreSQL Dissector

Arbitrary Code Execution and Denial of Service Vulnerability in Ettercap's PostgreSQL Dissector

CVE-2014-6396 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted password length, which triggers a 0 character to be written to an arbitrary memory location.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.