CVE-2018-17582
N/A
N/A
Summary
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/appneta/tcpreplay/issues/484
- https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay
References
- https://github.com/appneta/tcpreplay/issues/484
- https://github.com/SegfaultMasters/covering360/blob/master/tcpreplay
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.