Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tcpreplay
(Broadcom)| Repositories | https://github.com/appneta/tcpreplay |
| #Vulnerabilities | 40 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-04-12 | CVE-2022-27418 | Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c. | Tcpreplay | 7.8 | ||
| 2022-05-04 | CVE-2022-28487 | Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality. | Tcpreplay, Fedora | 7.5 | ||
| 2022-08-18 | CVE-2022-37047 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940. | Tcpreplay, Fedora | 7.8 | ||
| 2022-08-18 | CVE-2022-37048 | The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941. | Tcpreplay, Fedora | 7.8 | ||
| 2022-08-18 | CVE-2022-37049 | The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942. | Tcpreplay, Fedora | 7.8 | ||
| 2023-12-21 | CVE-2023-4256 | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. | Tcpreplay, Extra_packages_for_enterprise_linux, Fedora | 5.5 | ||
| 2018-10-17 | CVE-2018-18407 | A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. | Tcpreplay, Fedora | 5.5 | ||
| 2018-10-17 | CVE-2018-18408 | A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. | Tcpreplay, Fedora | 9.8 | ||
| 2019-02-17 | CVE-2019-8376 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Tcpreplay, Fedora | 7.8 | ||
| 2019-02-17 | CVE-2019-8377 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Tcpreplay, Fedora | 7.8 |