ArchLinux: 201905-5: tcpreplay: multiple issues

    Date 07 May 2019
    1045
    Posted By LinuxSecurity Advisories
    The package tcpreplay before version 4.3.2-1 is vulnerable to multiple issues including arbitrary code execution and denial of service.
    Arch Linux Security Advisory ASA-201905-5
    =========================================
    
    Severity: High
    Date    : 2019-05-06
    CVE-ID  : CVE-2019-8376 CVE-2019-8377 CVE-2019-8381
    Package : tcpreplay
    Type    : multiple issues
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-902
    
    Summary
    =======
    
    The package tcpreplay before version 4.3.2-1 is vulnerable to multiple
    issues including arbitrary code execution and denial of service.
    
    Resolution
    ==========
    
    Upgrade to 4.3.2-1.
    
    # pacman -Syu "tcpreplay>=4.3.2-1"
    
    The problems have been fixed upstream in version 4.3.2.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2019-8376 (denial of service)
    
    An issue was discovered in tcpreplay 4.3.1. A NULL pointer dereference
    occurred in the function get_layer4_v6() located at get.c. This can be
    triggered by sending a crafted pcap file to the tcpreplay-edit binary.
    It allows an attacker to cause a Denial of Service (Segmentation fault)
    or possibly have unspecified other impact.
    
    - CVE-2019-8377 (denial of service)
    
    An issue was discovered in tcpreplay 4.3.1. A NULL pointer dereference
    occurred in the function get_ipv6_l4proto() located at get.c. This can
    be triggered by sending a crafted pcap file to the tcpreplay-edit
    binary. It allows an attacker to cause a Denial of Service
    (Segmentation fault) or possibly have unspecified other impact.
    
    - CVE-2019-8381 (arbitrary code execution)
    
    An issue was discovered in tcpreplay 4.3.1. An invalid memory access
    occurs in do_checksum in checksum.c. It can be triggered by sending a
    crafted pcap file to the tcpreplay-edit binary. It allows an attacker
    to cause a Denial of Service (Segmentation fault) or possibly have
    unspecified other impact.
    
    Impact
    ======
    
    A remote attacker is able to cause a denial of service, or execute
    arbitrary code, with a specially crafted pcap file.
    
    References
    ==========
    
    https://github.com/appneta/tcpreplay/issues/537
    https://research.loginsoft.com/vulnerability/null-pointer-dereference-vulnerability-in-function-get_layer4_v6-tcpreplay-4-3-1/
    https://github.com/appneta/tcpreplay/issues/536
    https://research.loginsoft.com/vulnerability/null-pointer-dereference-vulnerability-in-function-get_ipv6_l4proto-tcpreplay-4-3-1/
    https://research.loginsoft.com/bugs/invalid-memory-access-vulnerability-in-function-do_checksum-tcpreplay-4-3-1/
    https://github.com/appneta/tcpreplay/issues/538
    https://github.com/appneta/tcpreplay/pull/548/commits/dae97cbafc5c06ebbc6b34e76ba614104f1b73e1
    https://security.archlinux.org/CVE-2019-8376
    https://security.archlinux.org/CVE-2019-8377
    https://security.archlinux.org/CVE-2019-8381
    

    LinuxSecurity Poll

    Have you ever used tcpdump for network troubleshooting or debugging?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/36-have-you-ever-used-tcpdump-for-network-troubleshooting-or-debugging?task=poll.vote&format=json
    36
    radio
    [{"id":"125","title":"Yes","votes":"36","type":"x","order":"1","pct":80,"resources":[]},{"id":"126","title":"No ","votes":"9","type":"x","order":"2","pct":20,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.