) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:broadcom:tcpreplay:4.3.0:beta1:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2020-12740 |
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c. Published: May 08, 2020; 2:15:10 PM -0400 |
V3.1: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2018-20553 |
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. Published: December 28, 2018; 11:29:05 AM -0500 |
V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2018-20552 |
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. Published: December 28, 2018; 11:29:05 AM -0500 |
V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2018-18408 |
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact. Published: October 17, 2018; 12:29:00 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
| CVE-2018-18407 |
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. Published: October 17, 2018; 12:29:00 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2018-17974 |
An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. Published: October 03, 2018; 6:29:00 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2018-17582 |
Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. Published: September 28, 2018; 5:29:01 AM -0400 |
V3.0: 7.1 HIGH V2.0: 5.8 MEDIUM |
| CVE-2018-17580 |
A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file. Published: September 28, 2018; 5:29:00 AM -0400 |
V3.0: 7.1 HIGH V2.0: 5.8 MEDIUM |
| CVE-2018-13112 |
get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep. Published: July 03, 2018; 1:29:01 PM -0400 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |