CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-18408

A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 56.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#use-after-free-in-post_args
https://github.com/appneta/tcpreplay/issues/489
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLPY6W7Z7G6PF2JN4LXXHCACYLD4RBG6/
https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay/README.md#use-after-free-in-post_args
https://github.com/appneta/tcpreplay/issues/489
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4V3SADKXUSHWTVAPU3WLXBDEQUHRA6ZO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MLPY6W7Z7G6PF2JN4LXXHCACYLD4RBG6/

Products affected by CVE-2018-18408

Broadcom » Tcpreplay » Version: 4.3.0

cpe:2.3:a:broadcom:tcpreplay:4.3.0
Fedoraproject » Fedora » Version: 28

cpe:2.3:o:fedoraproject:fedora:28
Fedoraproject » Fedora » Version: 29

cpe:2.3:o:fedoraproject:fedora:29

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-18408

Products

Pricing

Contact Us