POC详情: cd2c46b8fbeef141034bb35539c8525eb8274f03

来源
https://github.com/sy460129/CVE-2025-51005
关联漏洞
标题: Appneta Tcpreplay 安全漏洞 (CVE-2025-51005)
描述:Appneta Tcpreplay是Appneta开源的一款网络报文回放工具。 Appneta Tcpreplay 4.5.1版本存在安全漏洞,该漏洞源于tcpliveplay实用程序在处理特制pcap文件时错误处理内存,可能导致拒绝服务。
介绍
# CVE-2025-51005 – Heap Buffer Overflow in tcpliveplay checksum calculation

**Affected Product:** tcpreplay  
**Vendod:** Appneta  
**Affected Version(s):** 4.5.1  
**Fixed Version:** Not yet.  
**Vulnerability Type:** Heap Buffer Overflow (CWE-122)  
**Impact:** Denial of Service  

## Description
A heap buffer overflow vulnerability exists in the tcpliveplay.  
When handling crafted pcap files, the program miscalculates the remaining packet length derived from the IPv4 header. This unchecked value is later used in checksum operations, resulting in memory access beyond the allocated buffer.  
The vendor has announced that this function will be removed starting from version 4.6.  

## Trigger
**Trigger / Reproduction**  
1) Build tcpreplay 4.5.1 (building with ASan helps but is not required).  
2) Run: sudo ./src/tcpliveplay eth0 ./a.pcap 0.0.0.0 00:00:00:00:00:00 random


## Sanitizer log

<img width="1589" height="604" alt="image" src="https://github.com/user-attachments/assets/1454c746-45d1-49e2-ba79-ba1c6478c890" />

## Reference
https://github.com/appneta/tcpreplay/issues/925

## PoC
[poc.zip](https://github.com/user-attachments/files/22483651/poc.zip)
文件快照

 [4.0K]  /data/pocs/cd2c46b8fbeef141034bb35539c8525eb8274f03
├── [  72]  a.pcap
└── [1.2K]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。