PT-2023-9852 · Tcpreplay+4 · Tcpreplay+4

Marsman1996

Publicado

2023-03-01

Atualizado

2025-01-28

CVE-2023-27789

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Tcpreplay version 4.4.3

Description The issue is related to the cidr2cidr() function in the Tcpreplay utility, which can cause a denial of service when exploited by a remote attacker. This function is part of the PCAP file handler and is associated with an uncontrolled reachable assertion. The exploitation of this issue can allow a remote attacker to cause a denial of service.

Recommendations For version 4.4.3, consider disabling the cidr2cidr() function as a temporary workaround until a patch is available. Restrict access to the cidr.c file to minimize the risk of exploitation. Avoid using the cidr2cidr() function in the affected endpoint until the issue is resolved.

Exploit

Correção

DoS

Assertion Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-617

Identificadores relacionados

ALT-PU-2023-6893

BDU:2025-00907

CVE-2023-27789

MGASA-2023-0188

USN-7231-1

Produtos afetados

Alt Linux

Debian

Linuxmint

Tcpreplay

Ubuntu

PT-2023-9852 · Tcpreplay+4 · Tcpreplay+4

CVE-2023-27789

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 28