Product:

Tcpreplay

(Appneta)
Repositories https://github.com/appneta/tcpreplay
#Vulnerabilities 14
Date ID Summary Products Score Patch
2020-05-08 CVE-2020-12740 tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c. Tcpreplay N/A
2019-02-17 CVE-2019-8377 An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. Tcpreplay, Fedora 7.8
2018-09-28 CVE-2018-17582 Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. Tcpreplay 7.1
2019-02-17 CVE-2019-8381 An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. Tcpreplay, Fedora 7.8
2019-02-17 CVE-2019-8376 An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. Tcpreplay, Fedora 7.8
2018-12-28 CVE-2018-20553 Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. Tcpreplay 7.8
2018-12-28 CVE-2018-20552 Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. Tcpreplay 7.8
2018-10-17 CVE-2018-18408 A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. Tcpreplay, Fedora 9.8
2018-10-17 CVE-2018-18407 A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. Tcpreplay, Fedora 5.5
2018-10-03 CVE-2018-17974 An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. Tcpreplay 5.5