Tcpreplay Security Vulnerabilities
A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...
5.3CVSS
7.3AI Score
0.0004EPSS
Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a....
5.5CVSS
7AI Score
0.0004EPSS
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69...
7.5CVSS
7.2AI Score
0.002EPSS
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178...
7.5CVSS
7.2AI Score
0.002EPSS
An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309...
7.5CVSS
7.2AI Score
0.002EPSS
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse_list function at the list.c:81...
7.5CVSS
7.2AI Score
0.002EPSS
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints...
7.5CVSS
7.2AI Score
0.002EPSS
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring...
7.5CVSS
7.2AI Score
0.002EPSS
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at...
7.5CVSS
7.2AI Score
0.002EPSS
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from...
7.8CVSS
7.7AI Score
0.001EPSS
The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from...
7.8CVSS
7.7AI Score
0.001EPSS
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from...
7.8CVSS
7.7AI Score
0.001EPSS
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data...
7.5CVSS
7.3AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
7.8CVSS
7.7AI Score
0.001EPSS
5.5CVSS
6.1AI Score
0.001EPSS
7.8CVSS
7.5AI Score
0.001EPSS
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in...
7.8CVSS
7.5AI Score
0.001EPSS
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in...
7.8CVSS
7.5AI Score
0.001EPSS
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep...
5.5CVSS
5.6AI Score
0.001EPSS
5.5CVSS
5.5AI Score
0.001EPSS
5.5CVSS
5.5AI Score
0.001EPSS
Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted...
5.5CVSS
5.4AI Score
0.001EPSS
Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than...
5.5CVSS
5.9AI Score
0.001EPSS
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of...
7.5CVSS
7.5AI Score
0.004EPSS
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of...
7.5CVSS
7.5AI Score
0.004EPSS
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at...
9.1CVSS
8.9AI Score
0.003EPSS
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or...
7.8CVSS
8AI Score
0.003EPSS
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly...
7.8CVSS
7.9AI Score
0.003EPSS
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other...
7.8CVSS
6.6AI Score
0.003EPSS
7.8CVSS
7.8AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.001EPSS
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of...
5.5CVSS
7.1AI Score
0.001EPSS
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other...
9.8CVSS
9.4AI Score
0.002EPSS
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value...
5.5CVSS
7.2AI Score
0.001EPSS
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap...
7.1CVSS
7.9AI Score
0.001EPSS
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS)....
7.1CVSS
8AI Score
0.001EPSS
get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by...
7.5CVSS
8.2AI Score
0.003EPSS
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to...
7.8CVSS
7.2AI Score
0.002EPSS
Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size...
7.8CVSS
7.7AI Score
0.009EPSS
tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to...
7.5CVSS
7.1AI Score
0.005EPSS