Unrated severityNVD Advisory· Published Mar 28, 2024· Updated Aug 1, 2024
appneta tcpreplay get.c get_layer4_v6 heap-based overflow
CVE-2024-3024
Description
A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Affected products
8- osv-coords6 versionspkg:deb/ubuntu/tcpreplay@3.4.4-2+deb8u1ubuntu0.1~esm2?arch=source&distro=esm-apps/xenialpkg:deb/ubuntu/tcpreplay@4.2.6-1ubuntu0.1~esm4?arch=source&distro=esm-apps/bionicpkg:deb/ubuntu/tcpreplay@4.3.2-1build1?arch=source&distro=focalpkg:deb/ubuntu/tcpreplay@4.3.4-1?arch=source&distro=jammypkg:deb/ubuntu/tcpreplay@4.4.4-1build2?arch=source&distro=noblepkg:rpm/opensuse/tcpreplay&distro=openSUSE%20Leap%2016.0
>= 0+ 5 more
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: >= 0
- (no CPE)range: < 4.5.2-bp160.1.1
Patches
Vulnerability mechanics
References
5- drive.google.com/file/d/1zV9MSkfYLIrdtK3yczy1qbsJr_yN2fwH/viewmitrebroken-linkexploit
- vuldb.commitrevdb-entrytechnical-descriptionexploit
- vuldb.commitrethird-party-advisory
- docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/editmitrerelated
- vuldb.commitresignaturepermissions-required
News mentions
0No linked articles in our index yet.