[ettercap] CVE-2010-3843.

Jon Ciesla limb at fedoraproject.org
Thu Jan 26 19:54:30 UTC 2012


commit 6b2e32596db04f0d3c16ad21599e2eba8b63531c
Author: Jon Ciesla <limburgher at gmail.com>
Date:   Thu Jan 26 13:54:00 2012 -0600

    CVE-2010-3843.

 ettercap-0.7.4-CVE-2010-3843.patch |   37 ++++++++++++++++++++++++++++++++++++
 ettercap.spec                      |    7 +++++-
 2 files changed, 43 insertions(+), 1 deletions(-)
---
diff --git a/ettercap-0.7.4-CVE-2010-3843.patch b/ettercap-0.7.4-CVE-2010-3843.patch
new file mode 100644
index 0000000..d2a5926
--- /dev/null
+++ b/ettercap-0.7.4-CVE-2010-3843.patch
@@ -0,0 +1,37 @@
+--- src/interfaces/gtk/ec_gtk_conf.c~	2011-12-04 17:24:30.000000000 -0600
++++ src/interfaces/gtk/ec_gtk_conf.c	2012-01-26 13:43:04.201897836 -0600
+@@ -69,15 +69,9 @@
+    char line[100], name[30];
+    short value;
+ 
+-#ifdef OS_WINDOWS
+-   path = ec_win_get_user_dir();
+-#else
+-   /* TODO: get the dopped privs home dir instead of "/root" */
+-   /* path = g_get_home_dir(); */
+-   path = g_get_tmp_dir();
+-#endif
++   path = g_get_user_config_dir();
+ 
+-   filename = g_build_filename(path, ".ettercap_gtk", NULL);
++   filename = g_build_filename(path, "ettercap_gtk", NULL);
+ 
+    DEBUG_MSG("gtkui_conf_read: %s", filename);
+ 
+@@ -86,8 +80,14 @@
+       return;
+ 
+    while(fgets(line, 100, fd)) {
+-      sscanf(line, "%s = %hd", name, &value);
+-
++      char *p = strchr(line, '=');
++      if(!p)
++         continue;
++      *p = '\0';
++      snprintf(name, sizeof(name), "%s", line);
++      strlcpy(name, line, sizeof(name) - 1);
++      g_strstrip(name);
++      value = atoi(p + 1);
+       gtkui_conf_set(name, value);
+    }
+    fclose(fd);
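Review bot: In the rewritten `fgets` loop, `name` is copied twice with different bounds: `snprintf(name, sizeof(name), "%s", line)` already truncates and NUL-terminates, and the following `strlcpy(name, line, sizeof(name) - 1)` repeats the copy one byte shorter and relies on a `strlcpy` that older glibc does not provide (ettercap may ship its own; that is not visible here). Dropping the `strlcpy` line keeps the bounded copy that fixes the overflow of `name[30]` and removes that dependency. `value = atoi(p + 1)` also stores an unchecked `int` into a `short`, so a malformed or out-of-range number silently becomes some setting value; with `<limits.h>` and `<stdlib.h>` included and a `char *end` declared, `long v = strtol(p + 1, &end, 10); if (end == p + 1 || v < SHRT_MIN || v > SHRT_MAX) continue;` skips such lines before the call to `gtkui_conf_set`. The enclosing function starts and ends outside the embedded hunks, so whether the save path writes to the same `filename` under the new config directory cannot be confirmed from this patch.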
diff --git a/ettercap.spec b/ettercap.spec
index 1b92f45..49f7a9b 100644
--- a/ettercap.spec
+++ b/ettercap.spec
@@ -1,6 +1,6 @@
 Name: ettercap
 Version: 0.7.4
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: Network traffic sniffer/analyser, NCURSES interface version
 Group: Applications/Internet
 License: GPLv2+
@@ -20,6 +20,7 @@ Patch5: ettercap-NG-0.7.3-selinux-fcntl.patch
 #Patch7: ettercap-NG-0.7.3-passive-dns.patch
 # Remove the silly modification restriction
 Patch8: ettercap-NG-0.7.3-license-fix.patch
+Patch9: ettercap-0.7.4-CVE-2010-3843.patch
 
 BuildRoot: %{_tmppath}/%{name}-NG-%{version}-%{release}-root%(%{__id_u} -n)
 
@@ -115,6 +116,7 @@ This package contains the GTK version.
 #%patch6 -p0
 #%patch7 -p0
 %patch8 -p1 -b .license
+%patch9 -p0
 
 %build
 autoconf
@@ -215,6 +217,9 @@ rm -rf %{buildroot}
 %{_datadir}/icons/hicolor/32x32/apps/ettercap.png
 
 %changelog
+* Thu Jan 26 2012 Jon Ciesla <limburgher at gmail.com> - 0.7.4-2
+- Patch for CVE-2010-3843.
+
 * Thu Jan 26 2012 Jon Ciesla <limburgher at gmail.com> - 0.7.4-1
 - New upstream. Now BRs bison, flex.
 

