CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 2CVE-2024-3024 – appneta tcpreplay get.c get_layer4_v6 heap-based overflow
https://notcve.org/view.php?id=CVE-2024-3024
A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. • https://docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/edit?usp=sharing https://drive.google.com/file/d/1zV9MSkfYLIrdtK3yczy1qbsJr_yN2fwH/view https://vuldb.com/?ctiid.258333 https://vuldb.com/?id.258333 https://vuldb.com/?submit.297866 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2CVE-2023-4256 – Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c
https://notcve.org/view.php?id=CVE-2023-4256
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. Dentro de tcprewrite de tcpreplay, se ha identificado una vulnerabilidad de doble liberación en la función tcpedit_dlt_cleanup() dentro de plugins/dlt_plugins.c. Esta vulnerabilidad se puede explotar proporcionando un archivo específicamente manipulado al binario tcprewrite. • https://bugzilla.redhat.com/show_bug.cgi?id=2255212 https://github.com/appneta/tcpreplay/issues/813 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EHUILQV2YJI5TXXXJA5FQ2HJQGFT7NTN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMW5CIODKRHUUH7NTAYIRWGSJ56DTGXM https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V3GYCHPVJ2VFN3D7FI4IRMDVMILLWBRF • CWE-415: Double Free •