CVE-2017-12993
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-12993
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12993.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-12993
- Downstream
- Related
- Published
- 2017-09-14T06:29:00Z
- Modified
- 2025-09-16T06:39:24.327858Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.
- References
-
- http://www.debian.org/security/2017/dsa-3971
- http://www.tcpdump.org/tcpdump-changes.txt
- https://access.redhat.com/errata/RHEA-2018:0705
- https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02
- https://security.gentoo.org/glsa/201709-23
- http://www.securitytracker.com/id/1039307
- https://support.apple.com/HT208221
Affected packages
Debian:11 / tcpdump
Package
- Name
- tcpdump
- Purl
- pkg:deb/debian/tcpdump?arch=source
Debian:12 / tcpdump
Package
- Name
- tcpdump
- Purl
- pkg:deb/debian/tcpdump?arch=source
Debian:13 / tcpdump
Package
- Name
- tcpdump
- Purl
- pkg:deb/debian/tcpdump?arch=source
Debian:14 / tcpdump
Package
- Name
- tcpdump
- Purl
- pkg:deb/debian/tcpdump?arch=source
Git / github.com/the-tcpdump-group/tcpdump
Affected ranges
- Type
- GIT
- Repo
- https://github.com/the-tcpdump-group/tcpdump
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
tcpdump-3.*
tcpdump-3.5.1
tcpdump-3.6.1
tcpdump-3.7.1
tcpdump-3.8-bp
tcpdump-4.*
tcpdump-4.5.0
tcpdump-4.6.0
tcpdump-4.6.0-bp
tcpdump-4.7.0-bp
tcpdump-4.9.0-bp
Database specific
{
"vanir_signatures": [
{
"digest": {
"line_hashes": [
"270084028936393464971082461733321351693",
"106083757931322633041386808562751495050",
"179359126659455982470998776578117150592",
"95902246208100538185362256414899521892",
"256660957907151844444930599858007855744",
"186062363808162653573599473466793219506",
"132118712088830692188528375557678767470",
"222801170588770004276296419497554722957",
"282113220204086854748625560341708801267",
"191569146088933487599138618954230122301",
"323131920038022829750300653250769713967",
"129060009480629713702800682741855256755",
"54408006696250695083186251935796390077",
"245230253746055068525999215229923349395",
"305776387313707955938558625234366181635",
"258422521374122601663924905987749854801",
"240783352854252400132537517555530089028",
"46500771863142756781059302955245113535",
"171001976477756269627364055333438664125",
"28662132009700334755035659637373358296",
"89963661794456977503404375748512140525",
"1469825168830174955367203752841375753",
"302708064910339863911742432642595610729",
"202692110479686862576991751752862931174",
"77603141308854426748365650931526145420",
"29991183975108930813593573445549821694",
"28662132009700334755035659637373358296",
"28847973159584350833429535669295513402",
"155682369322867757846241953890682189229",
"9562984142252889121839694135588217083",
"281072651391572011329785708277999749200",
"317264406936897214651820504493009762855",
"25016146098936957089987370770310835836",
"237250819103399039278794453788675835755",
"302061328384954427481746162909216934485",
"257392887346723217959132578796639910181",
"89603413190043199621468293878493689962",
"215202163642535277858713871518072729862",
"274245048270878345603596238983402958928",
"218592107056257505587897080748679880935",
"218435048218732851653529297515742496022",
"37809318458422039130730887656142586740",
"257392887346723217959132578796639910181",
"89603413190043199621468293878493689962",
"215202163642535277858713871518072729862",
"153146374384851104142286050249546785948",
"218592107056257505587897080748679880935",
"218435048218732851653529297515742496022",
"244370925488423979975711856577238563034",
"304427864444944577307279699654603512933",
"267583017831215741941608465167494480382",
"312087356249241394501882381640017454654",
"288266471533100708999979240581210180069",
"181672082229793536462055951625575451209",
"204791441303601394492092924819834562631",
"109900828776566170748528583635431653154",
"57632619849935761436025877264007513255",
"303410437778313289041521032192756458922",
"204791441303601394492092924819834562631",
"109900828776566170748528583635431653154"
],
"threshold": 0.9
},
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02",
"signature_version": "v1",
"target": {
"file": "print-juniper.c"
},
"signature_type": "Line",
"id": "CVE-2017-12993-03a97090"
},
{
"digest": {
"function_hash": "83568823128265777552301142562219185420",
"length": 717.0
},
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02",
"signature_version": "v1",
"target": {
"function": "juniper_services_print",
"file": "print-juniper.c"
},
"signature_type": "Function",
"id": "CVE-2017-12993-1f83178e"
},
{
"digest": {
"function_hash": "126794548721270707648705501860940230424",
"length": 512.0
},
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02",
"signature_version": "v1",
"target": {
"function": "juniper_pppoe_atm_print",
"file": "print-juniper.c"
},
"signature_type": "Function",
"id": "CVE-2017-12993-4c93db58"
},
{
"digest": {
"function_hash": "109873769532887782026671672566975280602",
"length": 663.0
},
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02",
"signature_version": "v1",
"target": {
"function": "juniper_monitor_print",
"file": "print-juniper.c"
},
"signature_type": "Function",
"id": "CVE-2017-12993-92989016"
},
{
"digest": {
"function_hash": "74016354251759071336481906165082600166",
"length": 944.0
},
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02",
"signature_version": "v1",
"target": {
"function": "juniper_ggsn_print",
"file": "print-juniper.c"
},
"signature_type": "Function",
"id": "CVE-2017-12993-934d4a8b"
},
{
"digest": {
"function_hash": "12276753169099427173307934016151679336",
"length": 1088.0
},
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02",
"signature_version": "v1",
"target": {
"function": "juniper_atm2_print",
"file": "print-juniper.c"
},
"signature_type": "Function",
"id": "CVE-2017-12993-93d6d5b6"
},
{
"digest": {
"function_hash": "154793418367459554391140098870034524400",
"length": 792.0
},
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02",
"signature_version": "v1",
"target": {
"function": "juniper_atm1_print",
"file": "print-juniper.c"
},
"signature_type": "Function",
"id": "CVE-2017-12993-a162ccc4"
},
{
"digest": {
"function_hash": "82404961663861440342229826495973282786",
"length": 6863.0
},
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02",
"signature_version": "v1",
"target": {
"function": "juniper_parse_header",
"file": "print-juniper.c"
},
"signature_type": "Function",
"id": "CVE-2017-12993-acfed2f9"
},
{
"digest": {
"function_hash": "118945358792425435350159445406020138928",
"length": 1647.0
},
"deprecated": false,
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02",
"signature_version": "v1",
"target": {
"function": "juniper_es_print",
"file": "print-juniper.c"
},
"signature_type": "Function",
"id": "CVE-2017-12993-f2b4113f"
}
]
}