Broadcom: >> Tcpreplay >> 4.3.0 Security Vulnerabilities
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file.
CVSS Score
7.1
EPSS Score
0.002
Published
2018-09-28
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file.
CVSS Score
7.1
EPSS Score
0.002
Published
2018-09-28
get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep.
CVSS Score
7.5
EPSS Score
0.007
Published
2018-07-03
Page 2