Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tcpreplay
(Broadcom)| Repositories | https://github.com/appneta/tcpreplay |
| #Vulnerabilities | 40 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-02-17 | CVE-2019-8381 | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Tcpreplay, Fedora | 7.8 | ||
| 2017-03-15 | CVE-2017-6429 | Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet. | Tcpreplay | 7.8 | ||
| 2017-09-12 | CVE-2017-14266 | tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | Tcpreplay | 7.8 | ||
| 2017-01-23 | CVE-2016-6160 | tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266. | Tcpreplay | 7.5 | ||
| 2018-07-03 | CVE-2018-13112 | get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep. | Tcpreplay | 7.5 | ||
| 2018-09-28 | CVE-2018-17580 | A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file. | Tcpreplay | 7.1 | ||
| 2018-09-28 | CVE-2018-17582 | Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. | Tcpreplay | 7.1 | ||
| 2018-10-03 | CVE-2018-17974 | An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. | Tcpreplay | 5.5 | ||
| 2018-12-28 | CVE-2018-20552 | Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. | Tcpreplay | 7.8 | ||
| 2018-12-28 | CVE-2018-20553 | Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. | Tcpreplay | 7.8 |