CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 2CVE-2024-3024 – appneta tcpreplay get.c get_layer4_v6 heap-based overflow
https://notcve.org/view.php?id=CVE-2024-3024
28 Mar 2024 — A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. • https://docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/edit?usp=sharing • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2CVE-2023-4256 – Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c
https://notcve.org/view.php?id=CVE-2023-4256
21 Dec 2023 — Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. Dentro de tcprewrite de tcpreplay, se ha identificado una vulnerabilidad de doble liberación en la función tcpedit_dlt_cleanup() dentro de plugins/dlt_plugins.c. Esta vulnerabilidad... • https://bugzilla.redhat.com/show_bug.cgi?id=2255212 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27789
https://notcve.org/view.php?id=CVE-2023-27789
16 Mar 2023 — An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. • https://github.com/appneta/tcpreplay/issues/784 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27785
https://notcve.org/view.php?id=CVE-2023-27785
16 Mar 2023 — An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. • https://github.com/appneta/tcpreplay/issues/785 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27788
https://notcve.org/view.php?id=CVE-2023-27788
16 Mar 2023 — An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. • https://github.com/appneta/tcpreplay/issues/786 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27784
https://notcve.org/view.php?id=CVE-2023-27784
16 Mar 2023 — An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint. • https://github.com/appneta/tcpreplay/issues/787 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27783 – Ubuntu Security Notice USN-7231-1
https://notcve.org/view.php?id=CVE-2023-27783
16 Mar 2023 — An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. It was discovered that Tcpreplay incorrectly validated external input. A remote attacker could possibly use this issue to cause Tcpreplay to c... • https://github.com/appneta/tcpreplay/issues/780 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27786 – Ubuntu Security Notice USN-7231-1
https://notcve.org/view.php?id=CVE-2023-27786
16 Mar 2023 — An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. It was discovered that Tcpreplay incorrectly validated external input. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. • https://github.com/appneta/tcpreplay/issues/782 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27787 – Ubuntu Security Notice USN-7231-1
https://notcve.org/view.php?id=CVE-2023-27787
16 Mar 2023 — An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint. It was discovered that Tcpreplay incorrectly handled memory when using the tcprewrite utility. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a denial of service. It was discovered that Tcpreplay incorrectly validated external input. A remote attacker could possibly use this issue to cause Tcpreplay to crash, resulting in a ... • https://github.com/appneta/tcpreplay/issues/788 • CWE-476: NULL Pointer Dereference •