CVE-2017-12993 — Out-of-bounds Read in Tcpdump
Severity
9.8CRITICALNVD
OSV7.5
EPSS
1.1%
top 21.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 14
Latest updateMay 13
Description
The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages5 packages
Patches
🔴Vulnerability Details
3📋Vendor Advisories
6Apple▶
CVE-2017-12993: macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan↗2017-10-31
Juniper▶
CVE-2017-12993: The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.↗2017-09-14
Red Hat▶
tcpdump: Buffer over-read in print-juniper.c, several functions in Juniper protocols parser↗2017-09-13
💬Community
3Bugzilla▶
CVE-2017-13004 tcpdump: Buffer over-read in print-juniper.c:juniper_parse_header() in Juniper protocols parser↗2017-09-11
Bugzilla▶
CVE-2017-12993 tcpdump: Buffer over-read in print-juniper.c, several functions in Juniper protocols parser↗2017-09-11
Bugzilla▶
CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-11544 CVE-2017-11545 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2↗2017-07-26