Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information about capture files.
{"nessus": [{"lastseen": "2021-08-19T12:37:27", "description": "Here is what is fixed in this release :\n\n - Fix reporting of rates < 1Mbps (#348)\n\n - Option --unique-ip not working properly (#346)\n\n----\n\nFeatures and fixes include :\n\n - MAC rewriting capabilities by Pedro Arthur (#313)\n\n - Fix several issues identified by Coverity (#305)\n\n - Packet distortion --fuzz-seed option by Gabriel Ganne (#302)\n\n - Add --unique-ip-loops option to modify IPs every few loops (#296)\n\n - Netmap startup delay increase (#290)\n\n - tcpcapinfo buffer overflow vulnerablily (#278)\n\n - Update git-clone instructions by Kyle McDonald (#277)\n\n - Allow fractions for --pps option (#270)\n\n - Print per-loop stats with --stats=0 (#269)\n\n - Add protection against packet drift by Guillaume Scott (#268)\n\n - Print flow stats periodically with --stats output (#262)\n\n - Include Travis-CI build support by Ilya Shipitsin (#264) (#285)\n\n - tcpreplay won't replay all packets in a pcap file with\n --netmap (#255)\n\n - First and last packet times in --stats output (#239)\n\n - Switch to wire speed after 30 minutes at 6 Gbps (#210)\n\n - tcprewrite fix checksum properly for fragmented packets (#190)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-04-03T00:00:00", "type": "nessus", "title": "Fedora 24 : tcpreplay (2017-7980b5e846)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tcpreplay", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-7980B5E846.NASL", "href": "https://www.tenable.com/plugins/nessus/99146", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-7980b5e846.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99146);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-6429\");\n script_xref(name:\"FEDORA\", value:\"2017-7980b5e846\");\n\n script_name(english:\"Fedora 24 : tcpreplay (2017-7980b5e846)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Here is what is fixed in this release :\n\n - Fix reporting of rates < 1Mbps (#348)\n\n - Option --unique-ip not working properly (#346)\n\n----\n\nFeatures and fixes include :\n\n - MAC rewriting capabilities by Pedro Arthur (#313)\n\n - Fix several issues identified by Coverity (#305)\n\n - Packet distortion --fuzz-seed option by Gabriel Ganne\n (#302)\n\n - Add --unique-ip-loops option to modify IPs every few\n loops (#296)\n\n - Netmap startup delay increase (#290)\n\n - tcpcapinfo buffer overflow vulnerablily (#278)\n\n - Update git-clone instructions by Kyle McDonald (#277)\n\n - Allow fractions for --pps option (#270)\n\n - Print per-loop stats with --stats=0 (#269)\n\n - Add protection against packet drift by Guillaume Scott\n (#268)\n\n - Print flow stats periodically with --stats output (#262)\n\n - Include Travis-CI build support by Ilya Shipitsin (#264)\n (#285)\n\n - tcpreplay won't replay all packets in a pcap file with\n --netmap (#255)\n\n - First and last packet times in --stats output (#239)\n\n - Switch to wire speed after 30 minutes at 6 Gbps (#210)\n\n - tcprewrite fix checksum properly for fragmented packets\n (#190)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-7980b5e846\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpreplay package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tcpreplay\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"tcpreplay-4.2.1-1.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpreplay\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:37:31", "description": "Here is what is fixed in this release :\n\n - Fix reporting of rates < 1Mbps (#348)\n\n - Option --unique-ip not working properly (#346)\n\n----\n\nFeatures and fixes include :\n\n - MAC rewriting capabilities by Pedro Arthur (#313)\n\n - Fix several issues identified by Coverity (#305)\n\n - Packet distortion --fuzz-seed option by Gabriel Ganne (#302)\n\n - Add --unique-ip-loops option to modify IPs every few loops (#296)\n\n - Netmap startup delay increase (#290)\n\n - tcpcapinfo buffer overflow vulnerablily (#278)\n\n - Update git-clone instructions by Kyle McDonald (#277)\n\n - Allow fractions for --pps option (#270)\n\n - Print per-loop stats with --stats=0 (#269)\n\n - Add protection against packet drift by Guillaume Scott (#268)\n\n - Print flow stats periodically with --stats output (#262)\n\n - Include Travis-CI build support by Ilya Shipitsin (#264) (#285)\n\n - tcpreplay won't replay all packets in a pcap file with\n --netmap (#255)\n\n - First and last packet times in --stats output (#239)\n\n - Switch to wire speed after 30 minutes at 6 Gbps (#210)\n\n - tcprewrite fix checksum properly for fragmented packets (#190)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-04-03T00:00:00", "type": "nessus", "title": "Fedora 25 : tcpreplay (2017-5e945de883)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tcpreplay", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-5E945DE883.NASL", "href": "https://www.tenable.com/plugins/nessus/99144", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-5e945de883.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99144);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-6429\");\n script_xref(name:\"FEDORA\", value:\"2017-5e945de883\");\n\n script_name(english:\"Fedora 25 : tcpreplay (2017-5e945de883)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Here is what is fixed in this release :\n\n - Fix reporting of rates < 1Mbps (#348)\n\n - Option --unique-ip not working properly (#346)\n\n----\n\nFeatures and fixes include :\n\n - MAC rewriting capabilities by Pedro Arthur (#313)\n\n - Fix several issues identified by Coverity (#305)\n\n - Packet distortion --fuzz-seed option by Gabriel Ganne\n (#302)\n\n - Add --unique-ip-loops option to modify IPs every few\n loops (#296)\n\n - Netmap startup delay increase (#290)\n\n - tcpcapinfo buffer overflow vulnerablily (#278)\n\n - Update git-clone instructions by Kyle McDonald (#277)\n\n - Allow fractions for --pps option (#270)\n\n - Print per-loop stats with --stats=0 (#269)\n\n - Add protection against packet drift by Guillaume Scott\n (#268)\n\n - Print flow stats periodically with --stats output (#262)\n\n - Include Travis-CI build support by Ilya Shipitsin (#264)\n (#285)\n\n - tcpreplay won't replay all packets in a pcap file with\n --netmap (#255)\n\n - First and last packet times in --stats output (#239)\n\n - Switch to wire speed after 30 minutes at 6 Gbps (#210)\n\n - tcprewrite fix checksum properly for fragmented packets\n (#190)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-5e945de883\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpreplay package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tcpreplay\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"tcpreplay-4.2.1-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpreplay\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:36:26", "description": "Here is what is fixed in this release :\n\n - Fix reporting of rates < 1Mbps (#348)\n\n - Option --unique-ip not working properly (#346)\n\n----\n\nFeatures and fixes include :\n\n - MAC rewriting capabilities by Pedro Arthur (#313)\n\n - Fix several issues identified by Coverity (#305)\n\n - Packet distortion --fuzz-seed option by Gabriel Ganne (#302)\n\n - Add --unique-ip-loops option to modify IPs every few loops (#296)\n\n - Netmap startup delay increase (#290)\n\n - tcpcapinfo buffer overflow vulnerablily (#278)\n\n - Update git-clone instructions by Kyle McDonald (#277)\n\n - Allow fractions for --pps option (#270)\n\n - Print per-loop stats with --stats=0 (#269)\n\n - Add protection against packet drift by Guillaume Scott (#268)\n\n - Print flow stats periodically with --stats output (#262)\n\n - Include Travis-CI build support by Ilya Shipitsin (#264) (#285)\n\n - tcpreplay won't replay all packets in a pcap file with\n --netmap (#255)\n\n - First and last packet times in --stats output (#239)\n\n - Switch to wire speed after 30 minutes at 6 Gbps (#210)\n\n - tcprewrite fix checksum properly for fragmented packets (#190)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-07-17T00:00:00", "type": "nessus", "title": "Fedora 26 : tcpreplay (2017-8306577cc7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tcpreplay", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-8306577CC7.NASL", "href": "https://www.tenable.com/plugins/nessus/101673", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-8306577cc7.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101673);\n script_version(\"3.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-6429\");\n script_xref(name:\"FEDORA\", value:\"2017-8306577cc7\");\n\n script_name(english:\"Fedora 26 : tcpreplay (2017-8306577cc7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Here is what is fixed in this release :\n\n - Fix reporting of rates < 1Mbps (#348)\n\n - Option --unique-ip not working properly (#346)\n\n----\n\nFeatures and fixes include :\n\n - MAC rewriting capabilities by Pedro Arthur (#313)\n\n - Fix several issues identified by Coverity (#305)\n\n - Packet distortion --fuzz-seed option by Gabriel Ganne\n (#302)\n\n - Add --unique-ip-loops option to modify IPs every few\n loops (#296)\n\n - Netmap startup delay increase (#290)\n\n - tcpcapinfo buffer overflow vulnerablily (#278)\n\n - Update git-clone instructions by Kyle McDonald (#277)\n\n - Allow fractions for --pps option (#270)\n\n - Print per-loop stats with --stats=0 (#269)\n\n - Add protection against packet drift by Guillaume Scott\n (#268)\n\n - Print flow stats periodically with --stats output (#262)\n\n - Include Travis-CI build support by Ilya Shipitsin (#264)\n (#285)\n\n - tcpreplay won't replay all packets in a pcap file with\n --netmap (#255)\n\n - First and last packet times in --stats output (#239)\n\n - Switch to wire speed after 30 minutes at 6 Gbps (#210)\n\n - tcprewrite fix checksum properly for fragmented packets\n (#190)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-8306577cc7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpreplay package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tcpreplay\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"tcpreplay-4.2.1-1.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpreplay\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:37:16", "description": "This update for tcpreplay fixes the following issues :\n\n - CVE-2017-6429: Buffer overflow in Tcpcapinfo utility triggered by a too large packet (boo#1028234)", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-03-28T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tcpreplay (openSUSE-2017-390)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tcpreplay", "p-cpe:/a:novell:opensuse:tcpreplay-debuginfo", "p-cpe:/a:novell:opensuse:tcpreplay-debugsource", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-390.NASL", "href": "https://www.tenable.com/plugins/nessus/99022", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-390.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99022);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-6429\");\n\n script_name(english:\"openSUSE Security Update : tcpreplay (openSUSE-2017-390)\");\n script_summary(english:\"Check for the openSUSE-2017-390 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tcpreplay fixes the following issues :\n\n - CVE-2017-6429: Buffer overflow in Tcpcapinfo utility\n triggered by a too large packet (boo#1028234)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1028234\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpreplay packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpreplay\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpreplay-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpreplay-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"tcpreplay-4.1.2-5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"tcpreplay-debuginfo-4.1.2-5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"tcpreplay-debugsource-4.1.2-5.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpreplay / tcpreplay-debuginfo / tcpreplay-debugsource\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:37:49", "description": "Patch CVE-2017-6429.\n\nTcpcapinfo utility of Tcpreplay has a buffer overflow vulnerability associated with parsing a crafted pcap file. This occurs in the src/tcpcapinfo.c file when capture has a packet that is too large to handle.\n\nReferences :\n\nhttp://seclists.org/bugtraq/2017/Mar/22\n\nUpstream bug :\n\nhttps://github.com/appneta/tcpreplay/issues/278\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-03-17T00:00:00", "type": "nessus", "title": "Fedora 24 : tcpreplay (2017-936a79ee30)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tcpreplay", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-936A79EE30.NASL", "href": "https://www.tenable.com/plugins/nessus/97786", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-936a79ee30.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97786);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-6429\");\n script_xref(name:\"FEDORA\", value:\"2017-936a79ee30\");\n\n script_name(english:\"Fedora 24 : tcpreplay (2017-936a79ee30)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Patch CVE-2017-6429.\n\nTcpcapinfo utility of Tcpreplay has a buffer overflow vulnerability\nassociated with parsing a crafted pcap file. This occurs in the\nsrc/tcpcapinfo.c file when capture has a packet that is too large to\nhandle.\n\nReferences :\n\nhttp://seclists.org/bugtraq/2017/Mar/22\n\nUpstream bug :\n\nhttps://github.com/appneta/tcpreplay/issues/278\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-936a79ee30\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/appneta/tcpreplay/issues/278\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpreplay package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tcpreplay\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"tcpreplay-4.1.2-3.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpreplay\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:37:44", "description": "Patch CVE-2017-6429.\n\nTcpcapinfo utility of Tcpreplay has a buffer overflow vulnerability associated with parsing a crafted pcap file. This occurs in the src/tcpcapinfo.c file when capture has a packet that is too large to handle.\n\nReferences :\n\nhttp://seclists.org/bugtraq/2017/Mar/22\n\nUpstream bug :\n\nhttps://github.com/appneta/tcpreplay/issues/278\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2017-03-16T00:00:00", "type": "nessus", "title": "Fedora 25 : tcpreplay (2017-dc1828d4f9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:tcpreplay", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-DC1828D4F9.NASL", "href": "https://www.tenable.com/plugins/nessus/97764", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-dc1828d4f9.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(97764);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-6429\");\n script_xref(name:\"FEDORA\", value:\"2017-dc1828d4f9\");\n\n script_name(english:\"Fedora 25 : tcpreplay (2017-dc1828d4f9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Patch CVE-2017-6429.\n\nTcpcapinfo utility of Tcpreplay has a buffer overflow vulnerability\nassociated with parsing a crafted pcap file. This occurs in the\nsrc/tcpcapinfo.c file when capture has a packet that is too large to\nhandle.\n\nReferences :\n\nhttp://seclists.org/bugtraq/2017/Mar/22\n\nUpstream bug :\n\nhttps://github.com/appneta/tcpreplay/issues/278\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-dc1828d4f9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/appneta/tcpreplay/issues/278\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpreplay package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:tcpreplay\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/03/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"tcpreplay-4.1.2-3.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpreplay\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2022-06-03T16:54:13", "description": "Arch Linux Security Advisory ASA-201706-29\n==========================================\n\nSeverity: High\nDate : 2017-06-23\nCVE-ID : CVE-2017-6429\nPackage : tcpreplay\nType : arbitrary code execution\nRemote : No\nLink : https://security.archlinux.org/AVG-211\n\nSummary\n=======\n\nThe package tcpreplay before version 4.2.5-1 is vulnerable to arbitrary\ncode execution.\n\nResolution\n==========\n\nUpgrade to 4.2.5-1.\n\n# pacman -Syu \"tcpreplay>=4.2.5-1\"\n\nThe problem has been fixed upstream in version 4.2.5.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nBuffer overflow in the tcpcapinfo utility in tcpreplay before 4.2.0\nBeta 1 allows attackers to have unspecified impact via a pcap file with\nan over-size packet.\n\nImpact\n======\n\nAn attacker can provide a crafted pcap file with an over-size packet to\nexecute arbitrary code with the privileges of the tcpcapinfo process.\n\nReferences\n==========\n\nhttps://github.com/appneta/tcpreplay/commit/d689d14dbcd768c028eab2fb378d849e543dcfe9\nhttps://github.com/appneta/tcpreplay/issues/278\nhttp://www.securityfocus.com/bid/96579\nhttps://security.archlinux.org/CVE-2017-6429", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-06-23T00:00:00", "type": "archlinux", "title": "[ASA-201706-29] tcpreplay: arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6429"], "modified": "2017-06-23T00:00:00", "id": "ASA-201706-29", "href": "https://security.archlinux.org/ASA-201706-29", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-06-03T16:42:02", "description": "Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-03-15T15:59:00", "type": "cve", "title": "CVE-2017-6429", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6429"], "modified": "2022-06-03T14:34:00", "cpe": ["cpe:/a:broadcom:tcpreplay:4.1.2"], "id": "CVE-2017-6429", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6429", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:broadcom:tcpreplay:4.1.2:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2022-06-06T02:02:24", "description": "Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-03-15T15:59:00", "type": "debiancve", "title": "CVE-2017-6429", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6429"], "modified": "2017-03-15T15:59:00", "id": "DEBIANCVE:CVE-2017-6429", "href": "https://security-tracker.debian.org/tracker/CVE-2017-6429", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "description": "Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information about capture files. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-15T18:25:28", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: tcpreplay-4.1.2-3.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6429"], "modified": "2017-03-15T18:25:28", "id": "FEDORA:5A7C06092721", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/26CZOIWYUHRBEAFQIK5YC53IMMYT7A4P/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information about capture files. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-16T21:19:18", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: tcpreplay-4.1.2-3.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6429"], "modified": "2017-03-16T21:19:18", "id": "FEDORA:A07CB60200DA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PLMYNSLCIC5CPXZ4CIYGPOQTQPZ5LA26/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information about capture files. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-01T21:18:04", "type": "fedora", "title": "[SECURITY] Fedora 24 Update: tcpreplay-4.2.1-1.fc24", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6429"], "modified": "2017-04-01T21:18:04", "id": "FEDORA:E949B60DF39F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NZJQEY7VFKBHOQTU6GXYOITM4MJAOORC/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "description": "Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap (tcpdump) and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information about capture files. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-04-01T22:22:20", "type": "fedora", "title": "[SECURITY] Fedora 25 Update: tcpreplay-4.2.1-1.fc25", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6429"], "modified": "2017-04-01T22:22:20", "id": "FEDORA:C40D060D4E33", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/J6CDRSU5SOKQTUFBTKVOQERYG4FDLWTX/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "zdt": [{"lastseen": "2018-01-03T19:17:08", "description": "Exploit for linux platform in category local exploits", "cvss3": {}, "published": "2017-03-06T00:00:00", "type": "zdt", "title": "Tcpreplay 4.1.2 tcpcapinfo Buffer Overflow Vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2017-03-06T00:00:00", "id": "1337DAY-ID-27215", "href": "https://0day.today/exploit/description/27215", "sourceData": "Document Title:\r\n===============\r\nCVE-2017-6429: Buffer overflow vulnerability in Tcpreplay tcpcapinfo utility\r\n\r\nVendor:\r\n=======\r\nAppneta (https://www.appneta.com/)\r\n\r\nProduct and Versions Affected:\r\n==============================\r\nTcpreplay 4.1.2 and possibly prior.\r\n\r\nFixed Version:\r\n==============\r\n4.2.0 Beta 1\r\n\r\nProduct Description:\r\n====================\r\nTcpreplay is a suite of GPLv3 licensed utilities for UNIX (and Win32 under Cygwin) operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal/Wireshark. \r\n\r\nVulnerability Type:\r\n===================\r\nBuffer Overflow\r\n\r\nCVE Reference:\r\n==============\r\nCVE-2017-6429\r\n\r\nVulnerability Details:\r\n======================\r\nTcpcapinfo utility of Tcpreplay have a buffer overflow vulnerability associated with parsing a crafted pcap file. This occurs in the src/tcpcapinfo.c file when capture has a packet that is too large to handle.\r\n\r\nGDB Dump:\r\n=========\r\n---------Backtrace:-----------\r\n/lib/x86_64-linux-gnu/libc.so.6(+0x7338f)[0x7ffff7a8838f]\r\n/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x5c)[0x7ffff7b1fc9c]\r\n/lib/x86_64-linux-gnu/libc.so.6(+0x109b60)[0x7ffff7b1eb60]\r\n/lib/x86_64-linux-gnu/libc.so.6(+0x109fed)[0x7ffff7b1efed]\r\n/home/raras/Desktop/Untitled Folder/tcpreplay-4.1.2/src/tcpcapinfo[0x40228c]\r\n/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5)[0x7ffff7a36ec5]\r\n/home/raras/Desktop/Untitled Folder/tcpreplay-4.1.2/src/tcpcapinfo[0x4028dc]\r\n======= Memory map: ========\r\n00400000-0041b000 r-xp 00000000 08:01 453864 /home/raras/Desktop/Untitled Folder/tcpreplay-4.1.2/src/tcpcapinfo\r\n0061a000-0061b000 r--p 0001a000 08:01 453864 /home/raras/Desktop/Untitled Folder/tcpreplay-4.1.2/src/tcpcapinfo\r\n0061b000-0061c000 rw-p 0001b000 08:01 453864 /home/raras/Desktop/Untitled Folder/tcpreplay-4.1.2/src/tcpcapinfo\r\n0061c000-0063e000 rw-p 00000000 00:00 0 [heap]\r\n7ffff77fe000-7ffff7814000 r-xp 00000000 08:01 660352 /lib/x86_64-linux-gnu/libgcc_s.so.1\r\n7ffff7814000-7ffff7a13000 ---p 00016000 08:01 660352 /lib/x86_64-linux-gnu/libgcc_s.so.1\r\n7ffff7a13000-7ffff7a14000 r--p 00015000 08:01 660352 /lib/x86_64-linux-gnu/libgcc_s.so.1\r\n7ffff7a14000-7ffff7a15000 rw-p 00016000 08:01 660352 /lib/x86_64-linux-gnu/libgcc_s.so.1\r\n7ffff7a15000-7ffff7bd0000 r-xp 00000000 08:01 660238 /lib/x86_64-linux-gnu/libc-2.19.so\r\n7ffff7bd0000-7ffff7dcf000 ---p 001bb000 08:01 660238 /lib/x86_64-linux-gnu/libc-2.19.so\r\n7ffff7dcf000-7ffff7dd3000 r--p 001ba000 08:01 660238 /lib/x86_64-linux-gnu/libc-2.19.so\r\n7ffff7dd3000-7ffff7dd5000 rw-p 001be000 08:01 660238 /lib/x86_64-linux-gnu/libc-2.19.so\r\n7ffff7dd5000-7ffff7dda000 rw-p 00000000 00:00 0 \r\n7ffff7dda000-7ffff7dfd000 r-xp 00000000 08:01 660214 /lib/x86_64-linux-gnu/ld-2.19.so\r\n7ffff7fd5000-7ffff7fd8000 rw-p 00000000 00:00 0 \r\n7ffff7ff4000-7ffff7ff8000 rw-p 00000000 00:00 0 \r\n7ffff7ff8000-7ffff7ffa000 r--p 00000000 00:00 0 [vvar]\r\n7ffff7ffa000-7ffff7ffc000 r-xp 00000000 00:00 0 [vdso]\r\n7ffff7ffc000-7ffff7ffd000 r--p 00022000 08:01 660214 /lib/x86_64-linux-gnu/ld-2.19.so\r\n7ffff7ffd000-7ffff7ffe000 rw-p 00023000 08:01 660214 /lib/x86_64-linux-gnu/ld-2.19.so\r\n7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0 \r\n7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]\r\nffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]\r\n1 1260 134217964 575b56ff.0\r\nProgram received signal SIGABRT, Aborted.\r\n\r\n [----------------------------------registers-----------------------------------]\r\nRAX: 0x0 \r\nRBX: 0x70 ('p')\r\nRCX: 0xffffffffffffffff \r\nRDX: 0x6 \r\nRSI: 0xcc0b \r\nRDI: 0xcc0b \r\nRBP: 0x7fffffffb500 --> 0x7ffff7b944c2 (\"buffer overflow detected\")\r\nRSP: 0x7fffffffb1e8 --> 0x7ffff7a4f0d8 (<__GI_abort+328>: mov rdx,QWORD PTR fs:0x10)\r\nRIP: 0x7ffff7a4bcc9 (<__GI_raise+57>: cmp rax,0xfffffffffffff000)\r\nR8 : 0x7ffff7b8bdc0 (\"0123456789abcdefghijklmnopqrstuvwxyz\")\r\nR9 : 0x61bd80 --> 0x7ffff7dd41c0 --> 0xfbad2086 \r\nR10: 0x8 \r\nR11: 0x246 \r\nR12: 0x7fffffffb370 --> 0x1 \r\nR13: 0x5 \r\nR14: 0x70 ('p')\r\nR15: 0x5\r\nEFLAGS: 0x246 (carry PARITY adjust ZERO sign trap INTERRUPT direction overflow)\r\n[-------------------------------------code-------------------------------------]\r\n 0x7ffff7a4bcbf <__GI_raise+47>: movsxd rdi,ecx\r\n 0x7ffff7a4bcc2 <__GI_raise+50>: mov eax,0xea\r\n 0x7ffff7a4bcc7 <__GI_raise+55>: syscall \r\n=> 0x7ffff7a4bcc9 <__GI_raise+57>: cmp rax,0xfffffffffffff000\r\n 0x7ffff7a4bccf <__GI_raise+63>: ja 0x7ffff7a4bcea <__GI_raise+90>\r\n 0x7ffff7a4bcd1 <__GI_raise+65>: repz ret \r\n 0x7ffff7a4bcd3 <__GI_raise+67>: nop DWORD PTR [rax+rax*1+0x0]\r\n 0x7ffff7a4bcd8 <__GI_raise+72>: test eax,eax\r\n[------------------------------------stack-------------------------------------]\r\n0000| 0x7fffffffb1e8 --> 0x7ffff7a4f0d8 (<__GI_abort+328>: mov rdx,QWORD PTR fs:0x10)\r\n0008| 0x7fffffffb1f0 --> 0x20 (' ')\r\n0016| 0x7fffffffb1f8 --> 0x0 \r\n0024| 0x7fffffffb200 --> 0x0 \r\n0032| 0x7fffffffb208 --> 0x0 \r\n0040| 0x7fffffffb210 --> 0x0 \r\n0048| 0x7fffffffb218 --> 0x0 \r\n0056| 0x7fffffffb220 --> 0x0 \r\n[------------------------------------------------------------------------------]\r\nLegend: code, data, rodata, value\r\nStopped reason: SIGABRT\r\n0x00007ffff7a4bcc9 in __GI_raise ([email\u00a0protected]=0x6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56\r\n56 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.\r\n\r\n\r\nPatch:\r\n======\r\n src/tcpcapinfo.c\r\n @@ -281,6 +281,15 @@ main(int argc, char *argv[])\r\n caplen = pcap_ph.caplen;\r\n }\r\n \r\n + if (caplentoobig) {\r\n + printf(\"\\n\\nCapture file appears to be damaged or corrupt.\\n\"\r\n + \"Contains packet of size %u, bigger than snap length %u\\n\",\r\n + caplen, pcap_fh.snaplen);\r\n +\r\n + close(fd);\r\n + break;\r\n + }\r\n +\r\n /* check to make sure timestamps don't go backwards */\r\n if (last_sec > 0 && last_usec > 0) {\r\n if ((pcap_ph.ts.tv_sec == last_sec) ? \r\n @@ -306,7 +315,7 @@ main(int argc, char *argv[])\r\n }\r\n \r\n close(fd);\r\n - continue;\r\n + break;\r\n }\r\n \r\n /* print the frame checksum */\r\n\r\n \r\nReferences:\r\n===========\r\nhttps://github.com/appneta/tcpreplay/issues/278\r\nhttps://github.com/appneta/tcpreplay/releases/tag/v4.2.0-beta1\r\n\r\n\r\nVulnerability Disclosure Timeline:\r\n==================================\r\n2017-02-08: Bug Report Submission & Coordination \r\n2017-03-05: Public Disclosure\r\n\r\nCredit:\r\n=======\r\nAromalUllas\n\n# 0day.today [2018-01-03] #", "sourceHref": "https://0day.today/exploit/27215", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:34:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-03-16T00:00:00", "type": "openvas", "title": "Fedora Update for tcpreplay FEDORA-2017-dc1828d4f9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872493", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872493", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tcpreplay FEDORA-2017-dc1828d4f9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872493\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-16 09:19:17 +0100 (Thu, 16 Mar 2017)\");\n script_cve_id(\"CVE-2017-6429\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for tcpreplay FEDORA-2017-dc1828d4f9\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpreplay'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"tcpreplay on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-dc1828d4f9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/26CZOIWYUHRBEAFQIK5YC53IMMYT7A4P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcpreplay\", rpm:\"tcpreplay~4.1.2~3.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-03-18T00:00:00", "type": "openvas", "title": "Fedora Update for tcpreplay FEDORA-2017-936a79ee30", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872498", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872498", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tcpreplay FEDORA-2017-936a79ee30\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872498\");\n script_version(\"$Revision: 14225 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 15:32:03 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-03-18 06:44:12 +0100 (Sat, 18 Mar 2017)\");\n script_cve_id(\"CVE-2017-6429\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for tcpreplay FEDORA-2017-936a79ee30\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpreplay'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"tcpreplay on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-936a79ee30\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLMYNSLCIC5CPXZ4CIYGPOQTQPZ5LA26\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcpreplay\", rpm:\"tcpreplay~4.1.2~3.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-04-03T00:00:00", "type": "openvas", "title": "Fedora Update for tcpreplay FEDORA-2017-5e945de883", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872542", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872542", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tcpreplay FEDORA-2017-5e945de883\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872542\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-03 06:44:20 +0200 (Mon, 03 Apr 2017)\");\n script_cve_id(\"CVE-2017-6429\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for tcpreplay FEDORA-2017-5e945de883\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpreplay'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"tcpreplay on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-5e945de883\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J6CDRSU5SOKQTUFBTKVOQERYG4FDLWTX\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcpreplay\", rpm:\"tcpreplay~4.2.1~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2017-04-03T00:00:00", "type": "openvas", "title": "Fedora Update for tcpreplay FEDORA-2017-7980b5e846", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-6429"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872544", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872544", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for tcpreplay FEDORA-2017-7980b5e846\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872544\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-03 06:44:32 +0200 (Mon, 03 Apr 2017)\");\n script_cve_id(\"CVE-2017-6429\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for tcpreplay FEDORA-2017-7980b5e846\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpreplay'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"tcpreplay on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-7980b5e846\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NZJQEY7VFKBHOQTU6GXYOITM4MJAOORC\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"tcpreplay\", rpm:\"tcpreplay~4.2.1~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:43:28", "description": "Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1\nallows remote attackers to have unspecified impact via a pcap file with an\nover-size packet.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-15T00:00:00", "type": "ubuntucve", "title": "CVE-2017-6429", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6429"], "modified": "2017-03-15T00:00:00", "id": "UB:CVE-2017-6429", "href": "https://ubuntu.com/security/CVE-2017-6429", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
[SECURITY] Fedora 26 Update: tcpreplay-4.2.1-1.fc26
