PT-2023-9851 · Tcpreplay+4 · Tcpreplay+4

Archanawind

Published

2023-03-01

Updated

2025-02-26

CVE-2023-27783

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions TCPreplay tcprewrite version 4.4.3

Description The issue allows a remote attacker to cause a denial of service via the tcpedit dlt cleanup function at plugins/dlt plugins.c. This is related to an uncontrolled reachable assertion in the tcpedit dlt cleanup() function of the tcprewrite PCAP file editor in the Tcpreplay PCAP file editing and replaying utility. Exploitation of the issue may allow a remote attacker to cause a denial of service.

Recommendations For TCPreplay tcprewrite version 4.4.3, consider disabling the tcpedit dlt cleanup() function as a temporary workaround until a patch is available.

Exploit

Fix

DoS

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

ALT-PU-2023-6893

BDU:2025-00906

CVE-2023-27783

MGASA-2023-0188

OPENSUSE-SU-2023:0267-1

OPENSUSE-SU-2024:13108-1

USN-7231-1

Affected Products

Alt Linux

Debian

Linuxmint

Tcpreplay

Ubuntu

PT-2023-9851 · Tcpreplay+4 · Tcpreplay+4

CVE-2023-27783

Weakness Enumeration

Related Identifiers

Affected Products

References · 37