← Back

CVE-2017-12896

nvd nist
Published: Sep 14, 2017Modified: May 13, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().

Affected (7)

Tcpdump
1 product
Tcpdump
Debian
1 product
Debian Linux
Redhat
3 products
Enterprise Linux Desktop
Enterprise Linux Server
Enterprise Linux Server Aus
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Tcpdump
Up to 4.9.1
Configuration B
6 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 10.0
Debian Linux
Version 9.0
Enterprise Linux Desktop
Version 7.0
Enterprise Linux Server
Version 7.0
Redhat
Enterprise Linux Server Aus
Version 7.6
Enterprise Linux Server Aus
Version 7.7

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (16)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Issue TrackingThird Party Advisory
Source: cve@mitre.org
Issue TrackingPatchThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.