A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
The product writes data past the end, or before the beginning, of the intended buffer.
| Link | Tags |
|---|---|
| https://vuldb.com/?id.258333 | third party advisory vdb entry exploit technical description |
| https://vuldb.com/?ctiid.258333 | signature vdb entry permissions required |
| https://vuldb.com/?submit.297866 | third party advisory vdb entry |
| https://docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/edit?usp=sharing | exploit related |
| https://drive.google.com/file/d/1zV9MSkfYLIrdtK3yczy1qbsJr_yN2fwH/view | broken link exploit permissions required |