PT-2023-9851 · Tcpreplay+4 · Tcpreplay+4

Archanawind

Publicado

2023-03-01

Atualizado

2025-02-26

CVE-2023-27783

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions TCPreplay tcprewrite version 4.4.3

Description The issue allows a remote attacker to cause a denial of service via the tcpedit dlt cleanup function at plugins/dlt plugins.c. This is related to an uncontrolled reachable assertion in the tcpedit dlt cleanup() function of the tcprewrite PCAP file editor in the Tcpreplay PCAP file editing and replaying utility. Exploitation of the issue may allow a remote attacker to cause a denial of service.

Recommendations For TCPreplay tcprewrite version 4.4.3, consider disabling the tcpedit dlt cleanup() function as a temporary workaround until a patch is available.

Exploit

Correção

DoS

Assertion Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-617

Identificadores relacionados

ALT-PU-2023-6893

BDU:2025-00906

CVE-2023-27783

MGASA-2023-0188

OPENSUSE-SU-2023:0267-1

OPENSUSE-SU-2024:13108-1

USN-7231-1

Produtos afetados

Alt Linux

Debian

Linuxmint

Tcpreplay

Ubuntu

PT-2023-9851 · Tcpreplay+4 · Tcpreplay+4

CVE-2023-27783

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 37