{"id":"CVE-2017-12993","details":"The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions.","modified":"2026-04-16T06:15:19.595389822Z","published":"2017-09-14T06:29:00.857Z","related":["SUSE-SU-2017:2854-1","SUSE-SU-2019:14191-1","openSUSE-SU-2024:11425-1"],"references":[{"type":"WEB","url":"https://support.apple.com/HT208221"},{"type":"WEB","url":"http://www.securitytracker.com/id/1039307"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHEA-2018:0705"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201709-23"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3971"},{"type":"ADVISORY","url":"http://www.tcpdump.org/tcpdump-changes.txt"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"last_affected":"993a67c8e648bc8b19881e29a60f41273cfbee7b"},{"fixed":"b534e304568585707c4a92422aeca25cf908ff02"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.9.1"}]}}],"versions":["tcpdump-3.5.1","tcpdump-3.6.1","tcpdump-3.7.1","tcpdump-3.8-bp","tcpdump-4.5.0","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.7.0-bp","tcpdump-4.9.0","tcpdump-4.9.0-bp","tcpdump-4.9.1"],"database_specific":{"vanir_signatures":[{"target":{"file":"print-juniper.c"},"signature_version":"v1","signature_type":"Line","deprecated":false,"id":"CVE-2017-12993-03a97090","source":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02","digest":{"threshold":0.9,"line_hashes":["270084028936393464971082461733321351693","106083757931322633041386808562751495050","179359126659455982470998776578117150592","95902246208100538185362256414899521892","256660957907151844444930599858007855744","186062363808162653573599473466793219506","132118712088830692188528375557678767470","222801170588770004276296419497554722957","282113220204086854748625560341708801267","191569146088933487599138618954230122301","323131920038022829750300653250769713967","129060009480629713702800682741855256755","54408006696250695083186251935796390077","245230253746055068525999215229923349395","305776387313707955938558625234366181635","258422521374122601663924905987749854801","240783352854252400132537517555530089028","46500771863142756781059302955245113535","171001976477756269627364055333438664125","28662132009700334755035659637373358296","89963661794456977503404375748512140525","1469825168830174955367203752841375753","302708064910339863911742432642595610729","202692110479686862576991751752862931174","77603141308854426748365650931526145420","29991183975108930813593573445549821694","28662132009700334755035659637373358296","28847973159584350833429535669295513402","155682369322867757846241953890682189229","9562984142252889121839694135588217083","281072651391572011329785708277999749200","317264406936897214651820504493009762855","25016146098936957089987370770310835836","237250819103399039278794453788675835755","302061328384954427481746162909216934485","257392887346723217959132578796639910181","89603413190043199621468293878493689962","215202163642535277858713871518072729862","274245048270878345603596238983402958928","218592107056257505587897080748679880935","218435048218732851653529297515742496022","37809318458422039130730887656142586740","257392887346723217959132578796639910181","89603413190043199621468293878493689962","215202163642535277858713871518072729862","153146374384851104142286050249546785948","218592107056257505587897080748679880935","218435048218732851653529297515742496022","244370925488423979975711856577238563034","304427864444944577307279699654603512933","267583017831215741941608465167494480382","312087356249241394501882381640017454654","288266471533100708999979240581210180069","181672082229793536462055951625575451209","204791441303601394492092924819834562631","109900828776566170748528583635431653154","57632619849935761436025877264007513255","303410437778313289041521032192756458922","204791441303601394492092924819834562631","109900828776566170748528583635431653154"]}},{"signature_version":"v1","target":{"function":"juniper_services_print","file":"print-juniper.c"},"signature_type":"Function","digest":{"function_hash":"83568823128265777552301142562219185420","length":717},"id":"CVE-2017-12993-1f83178e","source":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02","deprecated":false},{"target":{"function":"juniper_pppoe_atm_print","file":"print-juniper.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"126794548721270707648705501860940230424","length":512},"id":"CVE-2017-12993-4c93db58","source":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02","deprecated":false},{"target":{"function":"juniper_monitor_print","file":"print-juniper.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"109873769532887782026671672566975280602","length":663},"id":"CVE-2017-12993-92989016","source":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02","deprecated":false},{"signature_version":"v1","target":{"function":"juniper_ggsn_print","file":"print-juniper.c"},"signature_type":"Function","digest":{"function_hash":"74016354251759071336481906165082600166","length":944},"id":"CVE-2017-12993-934d4a8b","source":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02","deprecated":false},{"target":{"function":"juniper_atm2_print","file":"print-juniper.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"12276753169099427173307934016151679336","length":1088},"id":"CVE-2017-12993-93d6d5b6","source":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02","deprecated":false},{"signature_version":"v1","target":{"function":"juniper_atm1_print","file":"print-juniper.c"},"signature_type":"Function","digest":{"function_hash":"154793418367459554391140098870034524400","length":792},"id":"CVE-2017-12993-a162ccc4","source":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02","deprecated":false},{"target":{"function":"juniper_parse_header","file":"print-juniper.c"},"signature_version":"v1","signature_type":"Function","digest":{"function_hash":"82404961663861440342229826495973282786","length":6863},"id":"CVE-2017-12993-acfed2f9","source":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02","deprecated":false},{"target":{"function":"juniper_es_print","file":"print-juniper.c"},"signature_version":"v1","signature_type":"Function","deprecated":false,"id":"CVE-2017-12993-f2b4113f","source":"https://github.com/the-tcpdump-group/tcpdump/commit/b534e304568585707c4a92422aeca25cf908ff02","digest":{"function_hash":"118945358792425435350159445406020138928","length":1647}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12993.json","vanir_signatures_modified":"2026-04-11T03:56:55Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}