~/cve/CVE-2017-5202

pipeline liveDigest Docs

CVE-2017-5202

published 2017-01-28

CVE-2017-5202: The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().

critical9.8CVSS 3.0

AVNACLPRNUINSUCHIHAH

The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().

Affected

18 ranges

Vendor	Product	Version range	Fixed in
apple	macos_sierra_10.12.4_security_update_2017-001_el_capitan_and_security_update_201	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	tcpdump	< tcpdump 4.9.0-1 (bookworm)	tcpdump 4.9.0-1 (bookworm)
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_tus	—	—
redhat	enterprise_linux_workstation	—	—
tcpdump	tcpdump	< 4.9.0	4.9.0
tcpdump	tcpdump	>= 0 < 4.9.0-1	4.9.0-1
tcpdump	tcpdump	>= 0 < 4.9.0-1	4.9.0-1
tcpdump	tcpdump	>= 0 < 4.9.0-1	4.9.0-1
tcpdump	tcpdump	>= 0 < 4.9.0-1	4.9.0-1

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

osv9.8CRITICAL