Ettercap 'exchndl.dll' And 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerabilities
BID:53242
Info
Ettercap 'exchndl.dll' And 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerabilities
| Bugtraq ID: | 53242 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 25 2012 12:00AM |
| Updated: | Apr 25 2012 12:00AM |
| Credit: | nImaarek |
| Vulnerable: |
Ettercap Ettercap 7.4.1 |
| Not Vulnerable: | |
Discussion
Ettercap 'exchndl.dll' And 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerabilities
Ettercap is prone to multiple vulnerabilities that lets attackers execute arbitrary code.
An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
Ettercap 7.4.1 is affected; other versions may also be vulnerable.
Ettercap is prone to multiple vulnerabilities that lets attackers execute arbitrary code.
An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
Ettercap 7.4.1 is affected; other versions may also be vulnerable.
Exploit / POC
Ettercap 'exchndl.dll' And 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerabilities
A general exploit technique has been documented by TheLeader and H.D. Moore for the Metasploit Project. Please see the references for more information.
A general exploit technique has been documented by TheLeader and H.D. Moore for the Metasploit Project. Please see the references for more information.
Solution / Fix
Ettercap 'exchndl.dll' And 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Ettercap 'exchndl.dll' And 'quserex.dll' DLL Loading Arbitrary Code Execution Vulnerabilities
References:
References:
- Application DLL Load Hijacking (HD Moore)
- Ettercap Homepage (Ettercap)
- Exploiting DLL Hijacking Flaws (hdm)
- Microsoft Security Advisory 2269637 Released (Microsoft)
- More information about the DLL Preloading remote attack vector (Microsoft)
- New DLL Hijacking Exploits (many!) (Matt)
- Microsoft Security Advisory (2269637) (Microsoft)