CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2CVE-2023-4256 – Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c
https://notcve.org/view.php?id=CVE-2023-4256
21 Dec 2023 — Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. Dentro de tcprewrite de tcpreplay, se ha identificado una vulnerabilidad de doble liberación en la función tcpedit_dlt_cleanup() dentro de plugins/dlt_plugins.c. Esta vulnerabilidad... • https://bugzilla.redhat.com/show_bug.cgi?id=2255212 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27783 – Ubuntu Security Notice USN-7231-1
https://notcve.org/view.php?id=CVE-2023-27783
16 Mar 2023 — An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. It was discovered that Tcpreplay incorrectly validated external input. A remote attacker could possibly use this issue to cause Tcpreplay to c... • https://github.com/appneta/tcpreplay/issues/780 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27784
https://notcve.org/view.php?id=CVE-2023-27784
16 Mar 2023 — An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. • https://github.com/appneta/tcpreplay/issues/787 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27785
https://notcve.org/view.php?id=CVE-2023-27785
16 Mar 2023 — An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. • https://github.com/appneta/tcpreplay/issues/785 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27786 – Ubuntu Security Notice USN-7231-1
https://notcve.org/view.php?id=CVE-2023-27786
16 Mar 2023 — An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. It was discovered that Tcpreplay incorrectly validated external input. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. • https://github.com/appneta/tcpreplay/issues/782 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27787 – Ubuntu Security Notice USN-7231-1
https://notcve.org/view.php?id=CVE-2023-27787
16 Mar 2023 — An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint. It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. It was discovered that Tcpreplay incorrectly validated external input. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a ... • https://github.com/appneta/tcpreplay/issues/788 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27788
https://notcve.org/view.php?id=CVE-2023-27788
16 Mar 2023 — An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. • https://github.com/appneta/tcpreplay/issues/786 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27789
https://notcve.org/view.php?id=CVE-2023-27789
16 Mar 2023 — An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. • https://github.com/appneta/tcpreplay/issues/784 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-37047 – Gentoo Linux Security Advisory 202210-08
https://notcve.org/view.php?id=CVE-2022-37047
18 Aug 2022 — The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940. Se ha detectado que el componente tcprewrite de Tcpreplay versión v4.4.1, contiene un desbordamiento del búfer en la región heap de la memoria en la función get_ipv6_next en el archivo common/get.c:713. NOTA: esto es diferente de CVE-2022-27940. Multiple vulnerabilities have been discovered in Tcpreplay, the worst of which coul... • https://github.com/appneta/tcpreplay/issues/734 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-37048 – Gentoo Linux Security Advisory 202210-08
https://notcve.org/view.php?id=CVE-2022-37048
18 Aug 2022 — The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941. Se ha detectado que el componente tcprewrite de Tcpreplay versión v4.4.1, contiene un desbordamiento de búfer en la región heap de la memoria en la función get_l2len_protocolo en el archivo common/get.c:344. NOTA: esto es diferente de CVE-2022-27941. Multiple vulnerabilities have been discovered in Tcpreplay, the worst of ... • https://github.com/appneta/tcpreplay/issues/735 • CWE-787: Out-of-bounds Write •