CVE-2017-1000116

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-1000116
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-1000116.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-1000116
Aliases
Downstream
Related
Published
2017-10-05T01:29:04.617Z
Modified
2026-02-10T14:46:01.270645Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.

References

Affected packages

Git / github.com/the-tcpdump-group/tcpdump

Affected ranges

Type
GIT
Repo
https://github.com/the-tcpdump-group/tcpdump
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
9c3e5c52c1e771aa0e4f833de56d575767e9669c

Affected versions

tcpdump-3.*
tcpdump-3.5.1
tcpdump-3.6.1
tcpdump-3.7.1
tcpdump-3.8-bp

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-1000116.json"
vanir_signatures 
[
    {
        "id": "CVE-2017-1000116-9e61d9d9",
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/9c3e5c52c1e771aa0e4f833de56d575767e9669c",
        "signature_type": "Line",
        "target": {
            "file": "print-bgp.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "29412215387126643158575155055138088429",
                "190093712685217424075796052581862224862",
                "137222735896423861713095292815576227000",
                "307680998659996210135614522908913220850",
                "267236173929935263435102284835913523899",
                "295589839652029586054590506230169928860",
                "161847238595719934056961922289713889207",
                "245105799978126639189332938929920690591",
                "129629845162696009984137994765233999107"
            ]
        }
    },
    {
        "id": "CVE-2017-1000116-c83ebc59",
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/9c3e5c52c1e771aa0e4f833de56d575767e9669c",
        "signature_type": "Function",
        "target": {
            "function": "bgp_update_print",
            "file": "print-bgp.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "length": 2652.0,
            "function_hash": "304398334738087043918759760939878649958"
        }
    }
]