CVE-2024-3024

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-3024
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-3024.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-3024
Related
Published
2024-03-28T02:15:11Z
Modified
2025-01-14T12:13:20.060167Z
Summary
[none]
Details

A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function getlayer4v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

References

Affected packages

Debian:11 / tcpreplay

Package

Name
tcpreplay
Purl
pkg:deb/debian/tcpreplay?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.3.3-2
4.3.4-1
4.4.0-1
4.4.1-1
4.4.1-2
4.4.2-1
4.4.3-1
4.4.4-1
4.5.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / tcpreplay

Package

Name
tcpreplay
Purl
pkg:deb/debian/tcpreplay?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.4.3-1
4.4.4-1
4.5.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / tcpreplay

Package

Name
tcpreplay
Purl
pkg:deb/debian/tcpreplay?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.4.3-1
4.4.4-1
4.5.1-1

Ecosystem specific

{
    "urgency": "unimportant"
}