CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-20553
https://notcve.org/view.php?id=CVE-2018-20553
28 Dec 2018 — Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. Tcpreplay, en versiones anteriores a la 4.3.1, tiene una sobrelectura de búfer basada en memoria dinámica (heap) en get_l2len en common/get.c. • https://github.com/appneta/tcpreplay/issues/530 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-18408
https://notcve.org/view.php?id=CVE-2018-18408
17 Oct 2018 — A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. Se ha descubierto un uso de memoria previamente liberada en el binario tcpbridge de Tcpreplay 4.3.0 beta1. El problema se desencadena en la función post_args() en tcpbridge.c, lo que provoca una denegación de servicio (DoS) o, posiblemente, otro tipo de impacto sin especificar. • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#use-after-free-in-post_args • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2CVE-2018-18407
https://notcve.org/view.php?id=CVE-2018-18407
17 Oct 2018 — A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. Se ha descubierto una sobrelectura de búfer basada en memoria dinámica (heap) en el binario tcpreplay-edit de Tcpreplay 4.3.0 beta1 durante la operación de suma de verificación incremental. El problema se desencadena en la función csum_replace4() en increm... • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#user-content-heap-overflow-in-csum_replace4 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2018-17974
https://notcve.org/view.php?id=CVE-2018-17974
03 Oct 2018 — An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. Se ha descubierto un problema en Tcpreplay 4.3.0 beta1. • https://github.com/SegfaultMasters/covering360/tree/master/tcpreplay • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 2CVE-2018-17580
https://notcve.org/view.php?id=CVE-2018-17580
28 Sep 2018 — A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file. Existe una sobrelectura de búfer basada en memoria dinámica (heap) en la función fast_edit_packet() en el archivo send_packets.c de tcpreplay v4.3. Esto puede conducir a una denegación de servicio (DoS) y a una potencial exposición de información... • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 2CVE-2018-17582
https://notcve.org/view.php?id=CVE-2018-17582
28 Sep 2018 — Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. tcpreplay v4.3.0 contiene una sobrelectura de búfer basada en memoria dinámica (heap). La función get_next_packet() en el archivo ... • https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2018-13112
https://notcve.org/view.php?id=CVE-2018-13112
03 Jul 2018 — get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep. get_l2len en common/get.c en Tcpreplay 4.3.0 beta1 permite a los atacantes remotos provocar una denegación de servicio (sobrelectura de búfer basada en memoria dinámica o heap y cierre inesperado de la aplicación) mediante paquetes manipulados, tal y como demuestra tcpprep. • https://github.com/appneta/tcpreplay/issues/477 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 2CVE-2017-14266 – tcprewrite - Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-14266
11 Sep 2017 — tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. tcprewrite en Tcpreplay 3.4.4 tiene una vulnerabilidad de desbordamiento de búfer basado en memoria dinámica (heap), desencadenada por un archivo PCAP manipulado. Esta vulnerabilidad está relacionada con CVE-2016-6160. tcprewrite version 3.4.4 suffers from a heap-based buffer overflow vulnerability. • https://packetstorm.news/files/id/144088 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-6429 – Tcpreplay 4.1.2 tcpcapinfo Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-6429
06 Mar 2017 — Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet. Desbordamiento de búfer en la utilidad tcpcapinfo en Tcpreplay en versiones anteriores a 4.2.0 Beta 1 permite a atacantes remotos tener impacto no especificado a través de un archivo pcap con un paquete de gran tamaño. Tcpreplay version 4.1.2 suffers from a buffer overflow vulnerability in tcpcapinfo. • http://www.securityfocus.com/archive/1/540221/100/0/threaded • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6160
https://notcve.org/view.php?id=CVE-2016-6160
23 Jan 2017 — tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266. tcprewrite en tcpreplay en versiones anteriores a 4.1.2 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) a través de un frame grande. Esta vulnerabilidad está relacionada con CVE-2017-14266. • http://www.openwall.com/lists/oss-security/2016/07/05/3 • CWE-399: Resource Management Errors •