Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file.
CPE | Name | Operator | Version |
---|---|---|---|
tcpreplay | eq | 4.0.4 | |
tcpreplay | eq | 4.1.0beta2 | |
tcpreplay | eq | 4.2.5 | |
tcpreplay | eq | 4.1.0 | |
tcpreplay | eq | 4.0.0 | |
tcpreplay | eq | 4.2.3 | |
tcpreplay | eq | 4.3.0-beta1 | |
tcpreplay | eq | 4.1.1-beta2 | |
tcpreplay | eq | 4.2.0-beta1 | |
tcpreplay | eq | 4.0.1 |