Latest broadcom tcpreplay Vulnerabilities

CVE-2023-4256
Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c
Broadcom Tcpreplay=4.4.3
Broadcom Tcpreplay=4.4.4
Fedoraproject Extra Packages For Enterprise Linux=8.0
Fedoraproject Fedora=39
CVE-2023-27788
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint.
Broadcom Tcpreplay=4.4.3
CVE-2023-27785
An issue found in TCPreplay TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the parse endpoints function.
Broadcom Tcpreplay=4.4.3
CVE-2023-27784
An issue found in TCPReplay v.4.4.3 allows a remote attacker to cause a denial of service via the read_hexstring function at the utils.c:309 endpoint.
Broadcom Tcpreplay=4.4.3
CVE-2023-27783
An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c.
Broadcom Tcpreplay=4.4.3
CVE-2023-27786
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the macinstring function.
Broadcom Tcpreplay=4.4.3
CVE-2022-37048
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941.
Broadcom Tcpreplay=4.4.1
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
CVE-2022-37049
The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942.
Broadcom Tcpreplay=4.4.1
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
CVE-2022-37047
The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.
Broadcom Tcpreplay=4.4.1
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
CVE-2022-27416
Tcpreplay v4.4.1 was discovered to contain a double-free via __interceptor_free.
Broadcom Tcpreplay=4.4.1
CVE-2022-27418
Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c.
Broadcom Tcpreplay=4.4.1
CVE-2022-27942
tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c.
Broadcom Tcpreplay=4.4.1
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
CVE-2022-27940
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c.
Broadcom Tcpreplay=4.4.1
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
CVE-2022-27939
tcprewrite in Tcpreplay 4.4.1 has a reachable assertion in get_layer4_v6 in common/get.c.
Broadcom Tcpreplay=4.4.1
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
CVE-2022-27941
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c.
Broadcom Tcpreplay=4.4.1
Fedoraproject Fedora=35
Fedoraproject Fedora=36
Fedoraproject Fedora=37
CVE-2022-25484
tcpprep v4.4.1 has a reachable assertion (assert(l2len > 0)) in packet2tree() at tree.c in tcpprep v4.4.1.
Broadcom Tcpreplay=4.4.1
CVE-2021-45386
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv6() at tree.c
Broadcom Tcpreplay=4.3.4
CVE-2021-45387
tcpreplay 4.3.4 has a Reachable Assertion in add_tree_ipv4() at tree.c.
Broadcom Tcpreplay=4.3.4
CVE-2020-23273
Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap.
Broadcom Tcpreplay=4.3.2
CVE-2020-24265
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
Broadcom Tcpreplay=4.3.3
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
CVE-2020-24266
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
Broadcom Tcpreplay=4.3.3
Fedoraproject Fedora=31
Fedoraproject Fedora=32
Fedoraproject Fedora=33
CVE-2020-12740
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.
Broadcom Tcpreplay<=4.3.2
Fedoraproject Fedora=31
Fedoraproject Fedora=32
CVE-2019-8381
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an ...
Broadcom Tcpreplay=4.3.1
Fedoraproject Fedora=28
Fedoraproject Fedora=29
Fedoraproject Fedora=30
CVE-2019-8376
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-...
Broadcom Tcpreplay=4.3.1
Fedoraproject Fedora=28
Fedoraproject Fedora=29
Fedoraproject Fedora=30
CVE-2019-8377
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcprepl...
Broadcom Tcpreplay=4.3.1
Fedoraproject Fedora=28
Fedoraproject Fedora=29
Fedoraproject Fedora=30
Fedoraproject Fedora=31
Fedoraproject Fedora=32
CVE-2018-20553
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.
Broadcom Tcpreplay<4.3.1
CVE-2018-20552
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.
Broadcom Tcpreplay<4.3.1
CVE-2018-18408
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecifi...
Broadcom Tcpreplay=4.3.0-beta1
Fedoraproject Fedora=28
Fedoraproject Fedora=29
CVE-2018-17974
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values i...
Broadcom Tcpreplay=4.3.0-beta1
CVE-2018-17582
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pk...
Broadcom Tcpreplay=4.3.0-beta1
Broadcom Tcpreplay=4.3.0-beta2
CVE-2018-17580
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Expos...
Broadcom Tcpreplay=4.3.0-beta1
CVE-2018-13112
get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpp...
Broadcom Tcpreplay=4.3.0-beta1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203