CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 2CVE-2019-8381
https://notcve.org/view.php?id=CVE-2019-8381
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. Se ha descubierto un problema en Tcpreplay 4.3.1. • https://github.com/appneta/tcpreplay/issues/538 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EB3ASS7URTIA3IFSBL2DIWJAFKTBJCAW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLPY6W7Z7G6PF2JN4LXXHCACYLD4RBG6 https://research.loginsoft.com/bugs/invalid-memory-access-vulnerability-in-function-do_checksum-tcpreplay-4-3-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20553
https://notcve.org/view.php?id=CVE-2018-20553
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. Tcpreplay, en versiones anteriores a la 4.3.1, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en get_l2len en common/get.c. • https://github.com/appneta/tcpreplay/issues/530 https://github.com/appneta/tcpreplay/pull/532/commits/6b830a1640ca20528032c89a4fdd8291a4d2d8b2 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20552
https://notcve.org/view.php?id=CVE-2018-20552
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. Tcpreplay, en versiones anteriores a la 4.3.1, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en packet2tree en tree.c. • https://github.com/appneta/tcpreplay/issues/530 https://github.com/appneta/tcpreplay/pull/532/commits/6b830a1640ca20528032c89a4fdd8291a4d2d8b2 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-18408
https://notcve.org/view.php?id=CVE-2018-18408
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. Se ha descubierto un uso de memoria previamente liberada en el binario tcpbridge de Tcpreplay 4.3.0 beta1. El problema se desencadena en la función post_args() en tcpbridge.c, lo que provoca una denegación de servicio (DoS) o, posiblemente, otro tipo de impacto sin especificar. • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#use-after-free-in-post_args https://github.com/appneta/tcpreplay/issues/489 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLPY6W7Z7G6PF2JN4LXXHCACYLD4RBG6 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-18407
https://notcve.org/view.php?id=CVE-2018-18407
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. Se ha descubierto una sobrelectura de búfer basada en memoria dinámica (heap) en el binario tcpreplay-edit de Tcpreplay 4.3.0 beta1 durante la operación de suma de verificación incremental. El problema se desencadena en la función csum_replace4() en incremental_checksum.h, lo que provoca una denegación de servicio (DoS). • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#user-content-heap-overflow-in-csum_replace4 https://github.com/appneta/tcpreplay/issues/488 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLPY6W7Z7G6PF2JN4LXXHCACYLD4RBG6 • CWE-125: Out-of-bounds Read •