| tiêu đề | appneta tcpreplay 4.4.4 (latest) heap-buffer-overflow |
|---|
| Mô tả | An issue was discovered in tcpreplay, a tool for replaying captured network traffic. A heap-buffer-overflow vulnerability exists in the get_layer4_v6 function, as defined in get.c. This function is responsible for parsing the IPv6 headers to identify the layer 4 protocol header. When handling specially crafted IPv6 packets, the function may erroneously read beyond the allocated heap memory, leading to potential security implications such as denial of service (DoS) or information disclosure. The overflow occurs when the parser misjudges the boundaries of the header structures in IPv6 packets.
|
|---|
| Nguồn | ⚠️ https://docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/edit?usp=sharing |
|---|
| Người dùng | MSXF (UID 62382) |
|---|
| Đệ trình | 13/03/2024 16:02 (cách đây 2 những năm) |
|---|
| Kiểm duyệt | 27/03/2024 19:25 (14 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 258333 [appneta tcpreplay đến 4.4.4 get.c get_layer4_v6 tràn bộ đệm] |
|---|
| điểm | 20 |
|---|