CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 1CVE-2020-12740
https://notcve.org/view.php?id=CVE-2020-12740
08 May 2020 — tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c. El componente tcprewrite en Tcpreplay versiones hasta 4.3.2, presenta una lectura excesiva del búfer en la región heap de la memoria durante una operación get_c. El problema ha sido activado en la función get_ipv6_next() en el archivo common/get.c. • https://github.com/appneta/tcpreplay/issues/576 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20552
https://notcve.org/view.php?id=CVE-2018-20552
28 Dec 2018 — Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. Tcpreplay, en versiones anteriores a la 4.3.1, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en packet2tree en tree.c. • https://github.com/appneta/tcpreplay/issues/530 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20553
https://notcve.org/view.php?id=CVE-2018-20553
28 Dec 2018 — Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. Tcpreplay, en versiones anteriores a la 4.3.1, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en get_l2len en common/get.c. • https://github.com/appneta/tcpreplay/issues/530 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-18408
https://notcve.org/view.php?id=CVE-2018-18408
17 Oct 2018 — A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. Se ha descubierto un uso de memoria previamente liberada en el binario tcpbridge de Tcpreplay 4.3.0 beta1. El problema se desencadena en la función post_args() en tcpbridge.c, lo que provoca una denegación de servicio (DoS) o, posiblemente, otro tipo de impacto sin especificar. • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#use-after-free-in-post_args • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-18407
https://notcve.org/view.php?id=CVE-2018-18407
17 Oct 2018 — A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. Se ha descubierto una sobrelectura de búfer basada en memoria dinámica (heap) en el binario tcpreplay-edit de Tcpreplay 4.3.0 beta1 durante la operación de suma de verificación incremental. El problema se desencadena en la función csum_replace4() en increm... • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#user-content-heap-overflow-in-csum_replace4 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2018-17974
https://notcve.org/view.php?id=CVE-2018-17974
03 Oct 2018 — An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. Se ha descubierto un problema en Tcpreplay 4.3.0 beta1. • https://github.com/SegfaultMasters/covering360/tree/master/tcpreplay • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 2CVE-2018-17580
https://notcve.org/view.php?id=CVE-2018-17580
28 Sep 2018 — A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file. Existe una sobrelectura de búfer basada en memoria dinámica (heap) en la función fast_edit_packet() en el archivo send_packets.c de tcpreplay v4.3. Esto puede conducir a una denegación de servicio (DoS) y a una potencial exposición de información... • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 2CVE-2018-17582
https://notcve.org/view.php?id=CVE-2018-17582
28 Sep 2018 — Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. tcpreplay v4.3.0 contiene una sobrelectura de búfer basada en memoria dinámica (heap). La función get_next_packet() en el archivo ... • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-13112
https://notcve.org/view.php?id=CVE-2018-13112
03 Jul 2018 — get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep. get_l2len en common/get.c en Tcpreplay 4.3.0 beta1 permite a los atacantes remotos provocar una denegación de servicio (sobrelectura de búfer basada en memoria dinámica o heap y cierre inesperado de la aplicación) mediante paquetes manipulados, tal y como demuestra tcpprep. • https://github.com/appneta/tcpreplay/issues/477 • CWE-125: Out-of-bounds Read •