Description
A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-03-05
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information disclosure via out-of-bounds memory read
Action: Patch promptly
AI Analysis

Impact

The vulnerability resides in the add_data_segment function of Ettercap’s ef_output.c file, enabling an out-of-bounds read that can expose sensitive data from the process’s memory. The flaw allows an attacker who can execute commands locally on the host running Ettercap to read beyond the intended buffer limits, potentially revealing configuration details or captured network traffic. While this does not lead to remote code execution or privilege escalation, the material that can be retrieved may contain confidential information, compromising confidentiality of the compromised system.

Affected Systems

The issue affects Ettercap versions identified by the CPE strings, specifically version 0.8.4 of the Ettercap project. No other affected versions are listed in the available CNA data, so users of 0.8.4 should consider upgrading or disabling the vulnerable component.

Risk and Exploitability

With a CVSS score of 4.8 and an EPSS probability of less than 1%, the vulnerability presents a moderate severity that is unlikely to be widely exploited, especially since it requires local access. It is not listed in the CISA KEV catalog, indicating no confirmed exploitation. Nevertheless, because the flaw permits leakage of potentially sensitive data, the risk is significant enough to warrant remediation as a priority, especially for systems handling critical network traffic.

Generated by OpenCVE AI on April 16, 2026 at 11:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply an updated version of Ettercap that contains the fix for add_data_segment
  • Limit local access to the Ettercap service to trusted administrators or privileged users
  • Monitor system logs for attempts to read beyond expected buffer boundaries or unusual memory access patterns

Generated by OpenCVE AI on April 16, 2026 at 11:52 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 16 Mar 2026 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Ettercap-project
Ettercap-project ettercap
Weaknesses CWE-787
CPEs cpe:2.3:a:ettercap-project:ettercap:0.8.4:*:*:*:*:*:*:*
Vendors & Products Ettercap-project
Ettercap-project ettercap

Mon, 09 Mar 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 06 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Moderate

Thu, 05 Mar 2026 22:15:00 +0000

Type Values Removed Values Added
Description A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Title Ettercap etterfilter ef_output.c add_data_segment out-of-bounds
First Time appeared Ettercap
Ettercap ettercap
Weaknesses CWE-119
CWE-125
CPEs cpe:2.3:a:ettercap:ettercap:*:*:*:*:*:*:*:*
Vendors & Products Ettercap
Ettercap ettercap
References
Metrics cvssV2_0

{'score': 1.7, 'vector': 'AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 3.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Ettercap Ettercap
Ettercap-project Ettercap
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-09T18:19:35.860Z

Reserved: 2026-03-05T16:55:18.903Z

Link: CVE-2026-3606

cve-icon Vulnrichment

Updated: 2026-03-09T18:19:30.673Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-05T22:16:25.390

Modified: 2026-03-16T15:42:29.050

Link: CVE-2026-3606

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-03-05T22:02:07Z

Links: CVE-2026-3606 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T12:00:11Z

Weaknesses