ID CVE-2019-8376
Summary An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.
References
Vulnerable Configurations
  • cpe:2.3:a:broadcom:tcpreplay:4.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:broadcom:tcpreplay:4.3.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 08-04-2022 - 10:30)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 107085
fedora
  • FEDORA-2019-7d689dd314
  • FEDORA-2019-a9c08d4b40
  • FEDORA-2019-e40253f67e
misc
Last major update 08-04-2022 - 10:30
Published 17-02-2019 - 02:29
Last modified 08-04-2022 - 10:30
Back to Top