Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Tcpreplay
(Broadcom)| Repositories | https://github.com/appneta/tcpreplay |
| #Vulnerabilities | 40 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-03-16 | CVE-2023-27785 | An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function. | Tcpreplay | 7.5 | ||
| 2023-03-16 | CVE-2023-27786 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function. | Tcpreplay | 7.5 | ||
| 2023-03-16 | CVE-2023-27787 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81 endpoint. | Tcpreplay | 7.5 | ||
| 2023-03-16 | CVE-2023-27788 | An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. | Tcpreplay | 7.5 | ||
| 2023-03-16 | CVE-2023-27789 | An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. | Tcpreplay | 7.5 | ||
| 2023-12-21 | CVE-2023-4256 | Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. | Tcpreplay, Extra_packages_for_enterprise_linux, Fedora | 5.5 | ||
| 2018-10-17 | CVE-2018-18407 | A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. | Tcpreplay, Fedora | 5.5 | ||
| 2018-10-17 | CVE-2018-18408 | A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. | Tcpreplay, Fedora | 9.8 | ||
| 2019-02-17 | CVE-2019-8376 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Tcpreplay, Fedora | 7.8 | ||
| 2019-02-17 | CVE-2019-8377 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Tcpreplay, Fedora | 7.8 |