CVE-2018-17580

Name of the Vulnerable Software and Affected Versions Tcpreplay version 4.3.0 beta1

Description A heap-based buffer over-read exists in the fast edit packet() function, located in the send packets.c file. This issue can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file.

Recommendations For Tcpreplay version 4.3.0 beta1, consider avoiding the use of crafted pcap files until a patch is available. As a temporary workaround, restrict the processing of pcap files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.