{"id":"CVE-2017-13690","details":"The IKEv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c, several functions.","modified":"2026-04-16T06:19:06.100367508Z","published":"2017-09-14T06:29:03.403Z","related":["SUSE-SU-2017:2854-1","openSUSE-SU-2024:11425-1"],"references":[{"type":"WEB","url":"https://support.apple.com/HT208221"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1039307"},{"type":"ADVISORY","url":"http://www.tcpdump.org/tcpdump-changes.txt"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHEA-2018:0705"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201709-23"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3971"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/tcpdump/commit/8dca25d26c7ca2caf6138267f6f17111212c156e"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"last_affected":"993a67c8e648bc8b19881e29a60f41273cfbee7b"},{"fixed":"8dca25d26c7ca2caf6138267f6f17111212c156e"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.9.1"}]}}],"versions":["tcpdump-3.5.1","tcpdump-3.6.1","tcpdump-3.7.1","tcpdump-3.8-bp","tcpdump-4.5.0","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.7.0-bp","tcpdump-4.9.0","tcpdump-4.9.0-bp","tcpdump-4.9.1"],"database_specific":{"vanir_signatures":[{"deprecated":false,"digest":{"threshold":0.9,"line_hashes":["288303206815063071444976806863575406109","197522240038908396823623330607715236239","148802145652830577150781074882921075218","26991910271183248959422571194610148734","24311259169816663942481788210018546486","223869914729728000827177297719049351135","280012111637951065287198526056617736799","52571959340889907731159754660933890535","24311259169816663942481788210018546486","223869914729728000827177297719049351135","280012111637951065287198526056617736799","52571959340889907731159754660933890535","220702710856966676041308658784087976543","260033209646620660514725128234100886636","217332147909525353162305691965380244046","26991910271183248959422571194610148734","220702710856966676041308658784087976543","260033209646620660514725128234100886636","217332147909525353162305691965380244046","26991910271183248959422571194610148734","220702710856966676041308658784087976543","260033209646620660514725128234100886636","217332147909525353162305691965380244046","26991910271183248959422571194610148734","280625624614270977117372978300236534601","71036110205656248740253237064885510569","217332147909525353162305691965380244046","26991910271183248959422571194610148734","174579763635317718049693707856786511706","84953133567910763396430701003380471262","154700459313122489161817712129444549901","169678471205940990271230654115964999948","84953133567910763396430701003380471262","154700459313122489161817712129444549901","120357185471365869442744825327288930681","120768957341962753938356267643074934443","216229715149979808761071725403094337190","29763415996067823151106505978218381064","304069706884619263823059727446285183353","337046339052945664807206788422864268985","135503407967708129186102407134963727207","15492506954808660412812937869368095039","234472403489172381745181073975536684836","330276087947546011234621400342818874487","172074388982271625753707247044571290522","251724568872002900552238118116740195676","45105592155129172243421170518564625902","134175022597861525950001186406581666381","96514579449962515266092451478459101751","132477617113152664004028784403831927290","271107428444617971712929011055185369964","89622159173051769662102916247815272360","61662722413497063612821694848817714110","200051863270392331585261054326021326550","310017877175793950664541791623071903697","271027972119889231566307310286130530529","212141615795131374975016998420884424463","97729183196028864884345452017638496145","294768727679703161059884341806409385667","94578560215225829637132984779297930404","323734465856242215930095326946580405922","309491104395452579471314838555040486890","94578560215225829637132984779297930404","323734465856242215930095326946580405922","309491104395452579471314838555040486890"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/8dca25d26c7ca2caf6138267f6f17111212c156e","signature_version":"v1","id":"CVE-2017-13690-1e3b5ed5","target":{"file":"print-isakmp.c"},"signature_type":"Line"},{"signature_version":"v1","digest":{"function_hash":"290109167627957511062339855223408326176","length":1040},"id":"CVE-2017-13690-c5c42d11","deprecated":false,"source":"https://github.com/the-tcpdump-group/tcpdump/commit/8dca25d26c7ca2caf6138267f6f17111212c156e","target":{"file":"print-isakmp.c","function":"ikev2_auth_print"},"signature_type":"Function"}],"vanir_signatures_modified":"2026-04-11T04:47:37Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-13690.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}