CVE-2017-13006
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-13006
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-13006.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-13006
- Downstream
- Related
- Published
- 2017-09-14T06:29:01Z
- Modified
- 2025-10-13T06:56:55.148476Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.
- References
-
- http://www.debian.org/security/2017/dsa-3971
- http://www.tcpdump.org/tcpdump-changes.txt
- https://access.redhat.com/errata/RHEA-2018:0705
- https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165
- https://security.gentoo.org/glsa/201709-23
- http://www.securitytracker.com/id/1039307
- https://support.apple.com/HT208221
Affected packages
Git / github.com/the-tcpdump-group/tcpdump
Affected ranges
- Type
- GIT
- Repo
- https://github.com/the-tcpdump-group/tcpdump
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
tcpdump-3.*
tcpdump-3.5.1
tcpdump-3.6.1
tcpdump-3.7.1
tcpdump-3.8-bp
tcpdump-4.*
tcpdump-4.5.0
tcpdump-4.6.0
tcpdump-4.6.0-bp
tcpdump-4.7.0-bp
tcpdump-4.9.0-bp
Database specific
{
"vanir_signatures": [
{
"target": {
"function": "l2tp_result_code_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-10a5a623",
"digest": {
"length": 376.0,
"function_hash": "12360542014346330983765763560780256411"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_proto_ver_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-30483a2e",
"digest": {
"length": 162.0,
"function_hash": "52558931865659676154107312785823326536"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_framing_type_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-3424da4f",
"digest": {
"length": 290.0,
"function_hash": "76758662026062456999569685972371346412"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_msgtype_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-36325338",
"digest": {
"length": 210.0,
"function_hash": "201408560631760329084973153777851273534"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_framing_cap_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-53f7711c",
"digest": {
"length": 288.0,
"function_hash": "36429273488193256751845501840978946999"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_bearer_type_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-60254988",
"digest": {
"length": 292.0,
"function_hash": "272513480407073095453571446722671097816"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_q931_cc_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-abaac653",
"digest": {
"length": 273.0,
"function_hash": "73434667952927185225365692614825897144"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_bearer_cap_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-b74c06c8",
"digest": {
"length": 290.0,
"function_hash": "317279577655929906267225112774900765589"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_accm_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-bff3fe9c",
"digest": {
"length": 398.0,
"function_hash": "143998765014152736802926923251461253839"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_avp_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-c79191a6",
"digest": {
"length": 3510.0,
"function_hash": "84994347345451244214746547934071860562"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_proxy_auth_id_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-cacde5a7",
"digest": {
"length": 188.0,
"function_hash": "118278631828872769326073990839963869749"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_ppp_discon_cc_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-d2142823",
"digest": {
"length": 481.0,
"function_hash": "180195631283219448811693770508833080924"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_call_errors_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-e5aaa046",
"digest": {
"length": 926.0,
"function_hash": "68724224476715629104242843988483797538"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-e6446457",
"digest": {
"threshold": 0.9,
"line_hashes": [
"46256387313671004827182761278814921008",
"111925405885626604618079351654750238026",
"268535142397045478834351381876840516417",
"289589531026531630649115719834128844566",
"298377952194163429384140157715525909551",
"248345096319996955169371576650241639282",
"178198535281581740275533463750171972648",
"315146458060276767371432090776357662820",
"247999619408042915928503794374930607626",
"116588503004297856792960119961288588967",
"57995249533032935143672046582030379804",
"289384050833521497877324746758826091281",
"157102356248661959709473711855152184951",
"297282685968807272619377515274898191377",
"243296078163250737275493038343557899594",
"136864348170847879035562712217404517371",
"93307895193281421969504409348966619348",
"196873511201881412582485271438271285861",
"170982250618533100736151408264317060665",
"297667385267334517135213198078913827574",
"218966073308708664073456592032404170017",
"294575031052527611748257468854233229099",
"52934449581977605941538295825752499613",
"269027721942816304829627667014597491676",
"115165325710227589186139538358626485070",
"53222443356869224277222910704814737735",
"336326059970030699755401138940637594177",
"249234216497237865142795815951310970073",
"263980205480225173764592476872123439806",
"118011051820286111100554578587570272691",
"284083320094611370609759966293551935332",
"208912789859063710567111058360853524538",
"155639317360588410403206842810697079201",
"206939654270255665078007788010974990942",
"213634071805187291459434623005978172366",
"79587153988420860584121174774813853679",
"122489267672808534171145990924769514557",
"201715461620782056915303834883043332591",
"47944754734464715239305779900334605164",
"124103994998955859511635153033296705030",
"75670702529884566739747760241168549044",
"159148873395781349388190991845690088633",
"264082204892769102464089022468855318256",
"31252019650769260327053094078766556683",
"283118105077977851856896190180775511246",
"317374449928827674318696598632879428432",
"208849020789235278505080311904965159904",
"230447539535340023849191609251939683711",
"231234402522961309789830067513535682180",
"294497698541166975669890156376274391013",
"294270781055591435815130086156698527492",
"326973112764875372019763228924192000350",
"177419997076129975129366487256705963545",
"94366069056001219019260801069464864820",
"156858663098556219020772938624336867507",
"82819379449209040264453776271090791836",
"199869247193887155176164851595893600549",
"42325009290561389220693829345357983601",
"187223897434831553185348165963667391619",
"133526621935629556565411540879045555497",
"311233014992215870796191102042915559027",
"155697267494730658830582517308289712027",
"302691480473664051677082801912182719258",
"253123117641985573798488045392625808558",
"66152629092470015592659549469686862528",
"198695729282763817046713882943370207353",
"12535276889144603749931480778585735997",
"165390705911005666115000962583521434719",
"287367878373877563680302394968474316127",
"313216707797707169368718567744779259412",
"65933026455423311753013530280672957489",
"254355088532631823954977079651576475087",
"5752724587223857658282621241452888871",
"325096344148721721635426957538737762114",
"7620162284429333949499449122559826593",
"338014758841293056605723082072639277369",
"270982900649708779257682528606942669920",
"221091855390067160090322405026018694469",
"177661490056670427846793025776954808650",
"16533779093557321954202185165678823505",
"234298949030820555591083858677347734631",
"181433688547348413051828159910662616299",
"147710042266034941484449117818693732197",
"269435629729984225722966107752907353206",
"38920153031942573600109858734819066380",
"1100700915982399389719010457721413990",
"173597485040672521307951369471380309220",
"211785713464937543805101474599155208066",
"184956697717763864287559726815544328762",
"271663437875716189157165633743798760824",
"34245322241502370119785327702564359126",
"170821586152048033635576176109387219956",
"222706615400598000811487014029718914663",
"181822555651500953530359225957093198047",
"220278729772481210440727897457869315832",
"145161237343685314977352675145949479064",
"192223747181676627689979819367254304993",
"5752724587223857658282621241452888871",
"325096344148721721635426957538737762114",
"7620162284429333949499449122559826593",
"333100563679873842518405242600212708025",
"120274537607377066197235691938754316639",
"184591652948060457385927464817438321444",
"168256418911913650940737815057808600182",
"44802818539959998055184789409983409280",
"135601939484800924303357100319496013096",
"132787796422503548931783948624044615926",
"14419754099303630259296318886242001414",
"265622672265525091516464830772938292587",
"273468251822412126488792547849949152098",
"151059870878826924482118308828211905025",
"317160923938821164247937519826894070125",
"262725148830505572329045337151687843779",
"338847586035588290802936339410892008703",
"176261966608448386773976967757341698157",
"93685326148664573316308531852593757789",
"152590377308464048767172266625526569423",
"290094570631553470245526973885453718065",
"14386167216428867849128286371679746264",
"27382343255788131363135528254258176403",
"331607340763187140558439252355175614640",
"275273719607667955773506982694150589546",
"317773982217794134730821405309994835701",
"140235556552812568897376164138746401538",
"153183028373667301012271148065970257828",
"186272258479624731255163383778148282626",
"164744934065296698632034805787655040973",
"103025510534498844309850078529616069526",
"206005160688018151761750205543329062631",
"113744534394955437004060768734712887589",
"9485213455382097044470066597077498219",
"74265118150290803589588349976188332274",
"207990150885716618258589322856953784686",
"323331435852276980157386522893691858304",
"213395683834341049709334541135498598945",
"140581276237611264965346837272457388103",
"338989102577713537809235306751735947610",
"109135201164480597487215796660862268687",
"59617314264503088087488413347540570376",
"295641238782784110313646778280178381918",
"141022770650791312046622489151878866173",
"42864887637324719956706932832582641989",
"152474266983293980964914517741345807785",
"221718079870431057413178156388224853348",
"171685699327720206791295786472095678528",
"279628347311612933704117908663968537759",
"63243316014697835858962316230471209547",
"75492330031069696667189324734011877316",
"241551689684239941311956490922376118062",
"168651798262533552753397775333089285923",
"21943616435391096490674166473392596364",
"172857055802108653685886218221445892954",
"324859911631542405950718596162975553734",
"336110322981015686410018968654282651779",
"59252222455962288372705621311218304129",
"312016362223386969373442855802911239017",
"245229634900341248591680347563989995647",
"229784890469987687932051899449118281899",
"292856616159694013010620123592355940269",
"316090700344595933594545031014394386886",
"32184646079716284519724681327413963797",
"273890647193546009105981125728377790903",
"40105170129636253917099290899396724448",
"75816691448748983266749451476502967642",
"198970576441062186373947971874838853138",
"37083277442821783483215553700050776397",
"81959273847238836787735277527047451674",
"327827812047835042221412857147974854134",
"234868776222549244684785612644424406440",
"160821852073649955805229031234528529186",
"261131428259044870068896344554959614977"
]
},
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
},
{
"target": {
"function": "l2tp_proxy_auth_type_print",
"file": "print-l2tp.c"
},
"deprecated": false,
"id": "CVE-2017-13006-e8112bda",
"digest": {
"length": 214.0,
"function_hash": "102620912374230505412306504278234414877"
},
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/the-tcpdump-group/tcpdump/commit/cc4a7391c616be7a64ed65742ef9ed3f106eb165"
}
]
}