ALT-PU-2025-6333-3
Closed vulnerabilities
Published: 2024-03-28
Modified: 2025-04-16
Modified: 2025-04-16
CVE-2024-3024
A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- https://docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/edit?usp=sharing
- https://docs.google.com/document/d/1wCIrViAJwGsO5afPBLLjRhO5RClsoUo3J9q1psLs84s/edit?usp=sharing
- https://drive.google.com/file/d/1zV9MSkfYLIrdtK3yczy1qbsJr_yN2fwH/view
- https://drive.google.com/file/d/1zV9MSkfYLIrdtK3yczy1qbsJr_yN2fwH/view
- VDB-258333 | CTI Indicators (IOB, IOC, IOA)
- VDB-258333 | CTI Indicators (IOB, IOC, IOA)
- VDB-258333 | appneta tcpreplay get.c get_layer4_v6 heap-based overflow
- VDB-258333 | appneta tcpreplay get.c get_layer4_v6 heap-based overflow
- Submit #297866 | appneta tcpreplay 4.4.4 (latest) heap-buffer-overflow
- Submit #297866 | appneta tcpreplay 4.4.4 (latest) heap-buffer-overflow