is a multipurpose sniffer/interceptor/logger for switched LAN.
| CHANGELOG (ettercap-0.8.3) | : | CHANGELOG (ettercap-0.8.3.1) |
|---|
| | |
| Legend: | | Legend: |
| + new feature | | + new feature |
| - old feature removed | | - old feature removed |
| !! bug fixed | | !! bug fixed |
|
| | | |
| ========================================= | | ========================================= |
|
| | 0.8.3.1-Bertillon 20200801 |
| | !! Fix SSL protocol failure with older TLS client/server versions (min. TLS1. |
| | 0) |
| | !! Fix blackholing SSL packets when specific redirection is used |
| | !! Fix TLS 1.3 interception issues (replace fake certificate with proper key |
| | length) |
| | !! Fix segmentation fault when parsing HTTP NTLM handshake (fixes #922) |
| | !! Fix crash if one redirect command is not enabled |
| | !! Fix build on MacOSX detecting new dependency HarfBuzz |
| | !! Fix warnings when parsing etter.(m)dns file when built w/o IPv6 support |
| | !! Fix capture delay with libpcap v1.9.1 (fixes #974) |
| | !! Fix segmentation fault when etterlog concatinate files |
| | !! Fix compiling with GCC version / defaulting to -fno-common |
| | !! Fix bad UDP length for packets changed with replace() |
| | !! Fix passing --lua-args arguments to LUA scripts |
| | !! Fix MSVC build when macro ORDER_ADD_{SHORT,LONG} is being used |
| | !! Fix references to old sourceforce.org website in the code and documentatio |
| | n |
| | !! Fix fingerprint_submit (still missing its server counterpart) |
| | + Take over client-side SNI extension in ClientHello in SSL interception (re |
| | q. OpenSSL 1.1.1) |
| | + Take over SAN certificate extension from server certificate in SSL interce |
| | ption |
| | + Use server certificate sign algorithm to sign fake certificate defaulting |
| | to SHA256 |
| | + CLI provided plugins are now also autostarted in graphical UI |
| | + Added --plugin-list CLI parameter |
| | + New execreplace etterfilter command |
| | + Update bundled OUI mac addresses |
| | + Update LuaJIT from 2.0.4 to 2.0.5 |
| | + Update libnet from 1.1.6 to 1.2 |
| | + Update check from 0.10.0 to 0.15.0 |
| | + Update curl from 7.44.0 to 7.71.1 |
| | - Separate etter.dns and etter.mdns examples in dedicated examples file |
| | - Remove source IP specification from customizable SSL redirects |
| | - Remove of deprecated redirect commands from etter.conf |
| | - Remove Easter Egg (Sorry ALoR and NaGA) |
| | |
| 0.8.3-Bertillon 20190701 | | 0.8.3-Bertillon 20190701 |
|
| !! Fix binary comparsion and assignment in etterfilter | | !! Fix binary comparison and assignment in etterfilter |
| !! Fixed packetbuffer racecond. in BRIDGE mode (e.g. Message too long) | | !! Fixed packetbuffer racecond. in BRIDGE mode (e.g. Message too long) |
| !! Non-aligned filters are no longer supported (recompilation with etterfilte
r required) | | !! Non-aligned filters are no longer supported (recompilation with etterfilte
r required) |
| !! Fixed sslstrip plugin startup issue due to regex compilation error | | !! Fixed sslstrip plugin startup issue due to regex compilation error |
| !! Fixed lots of build warnings | | !! Fixed lots of build warnings |
| !! Proper separation of library and executable code | | !! Proper separation of library and executable code |
| !! Fixed heap-buffer-overflow in write_output in etterfilter | | !! Fixed heap-buffer-overflow in write_output in etterfilter |
| !! ip_addr sanity check when etterlog processes info logfile | | !! ip_addr sanity check when etterlog processes info logfile |
|
| !! Lots of buffer under-/overflow conditions fixed | | !! CVE-2017-8366 (Lots of buffer under-/overflow conditions fixed) |
| !! CVE-2017-6430 (Fix invalid read on crafted file in etterfilter) | | !! CVE-2017-6430 (Fix invalid read on crafted file in etterfilter) |
| !! fix dns_spoof plugin when used in bridge mode | | !! fix dns_spoof plugin when used in bridge mode |
| + SSL redirects are now customizable at runtime | | + SSL redirects are now customizable at runtime |
| + GeoIP detection / support using CMake | | + GeoIP detection / support using CMake |
| + Rework of GTK3 UI - modern GNOME3 look | | + Rework of GTK3 UI - modern GNOME3 look |
| + New Kerberos 5 downgrade plugin | | + New Kerberos 5 downgrade plugin |
| + GTK3 is the new default GTK_BUILD_TYPE | | + GTK3 is the new default GTK_BUILD_TYPE |
| + OSPF dissector supports more authentication methods in hash-cracker friend
ly format | | + OSPF dissector supports more authentication methods in hash-cracker friend
ly format |
| + Rework of Oracle O5LOGON dissector | | + Rework of Oracle O5LOGON dissector |
| + Multi-threaded name resolution | | + Multi-threaded name resolution |
| | |
| skipping to change at line 46 | | skipping to change at line 77 |
|---|
| !! Fixed drop_privs function usage | | !! Fixed drop_privs function usage |
| !! Fixed nopromisc option usage | | !! Fixed nopromisc option usage |
| !! Fixed missing break in parser code | | !! Fixed missing break in parser code |
| !! Improved redirect commands | | !! Improved redirect commands |
| !! Fix truncated VLAN packet headers | | !! Fix truncated VLAN packet headers |
| !! Fix ettercap.rc file (windows only) | | !! Fix ettercap.rc file (windows only) |
| !! Various cmake fixes | | !! Various cmake fixes |
| !! A ton of BSD bug fixes | | !! A ton of BSD bug fixes |
| !! Simplify macosx cmake files | | !! Simplify macosx cmake files |
| !! Fix incorrect sequence number after TCP injection | | !! Fix incorrect sequence number after TCP injection |
|
| !! Fix pcap length, and aligment problems with libpcap | | !! Fix pcap length, and alignment problems with libpcap |
| !! Bug fixes and gtk code refactor (gtk box wrapper) | | !! Bug fixes and gtk code refactor (gtk box wrapper) |
| !! Fix some ipv6 send issues | | !! Fix some ipv6 send issues |
| !! Fixed sleep time on Windows (high CPU usage) | | !! Fixed sleep time on Windows (high CPU usage) |
| !! Fixed many CVE vulnerabilities (some of them already fixed in 0.8.1) | | !! Fixed many CVE vulnerabilities (some of them already fixed in 0.8.1) |
| - CVE-2014-6395 (Length Parameter Inconsistency) | | - CVE-2014-6395 (Length Parameter Inconsistency) |
| - CVE-2014-6396 (Arbitrary write) | | - CVE-2014-6396 (Arbitrary write) |
| - CVE-2014-9376 (Negative index/underflow) | | - CVE-2014-9376 (Negative index/underflow) |
| - CVE-2014-9377 (Heap overflow) | | - CVE-2014-9377 (Heap overflow) |
| - CVE-2014-9378 (Unchecked return value) | | - CVE-2014-9378 (Unchecked return value) |
| - CVE-2014-9379 (Incorrect cast) | | - CVE-2014-9379 (Incorrect cast) |
| | | |
| End of changes. 5 change blocks. |
|---|
| 4 lines changed or deleted | | 41 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 