{"id":"CVE-2017-5202","details":"The ISO CLNS parser in tcpdump before 4.9.0 has a buffer overflow in print-isoclns.c:clnp_print().","modified":"2026-04-16T06:16:47.430852931Z","published":"2017-01-28T01:59:01.047Z","related":["SUSE-SU-2017:0656-1","SUSE-SU-2017:1110-1","openSUSE-SU-2024:11425-1"],"references":[{"type":"WEB","url":"https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1494526.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201702-30"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3775"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/95852"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1037755"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1871"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/tcpdump","events":[{"introduced":"0"},{"fixed":"cae54f4d943f163541dc7a90f7f5b432859955e4"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.9.0"}]}}],"versions":["tcpdump-3.5.1","tcpdump-3.6.1","tcpdump-3.7.1","tcpdump-3.8-bp","tcpdump-4.5.0","tcpdump-4.6.0","tcpdump-4.6.0-bp","tcpdump-4.7.0-bp"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-5202.json","vanir_signatures":[{"signature_type":"Function","signature_version":"v1","deprecated":false,"id":"CVE-2017-5202-2ba3af18","digest":{"function_hash":"31486734027380005103230538229483283558","length":2587},"target":{"file":"print-ether.c","function":"ethertype_print"},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4"},{"signature_type":"Line","signature_version":"v1","deprecated":false,"id":"CVE-2017-5202-4cb9a0ba","digest":{"threshold":0.9,"line_hashes":["289962869142539033919548699903735971895","321187814844074319440356878954916582618","96278794428690994985504688327165122951","334924286569736786368128921431302191310"]},"target":{"file":"print-ether.c"},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4"},{"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4","signature_version":"v1","deprecated":false,"id":"CVE-2017-5202-7041f422","digest":{"threshold":0.9,"line_hashes":["208063356587562841728207749352312617633","94369104648756919419866969560637031504","158530789875360221930177539868533298858","253446335086249471187651377860820435235"]},"signature_type":"Line","target":{"file":"netdissect.h"}},{"target":{"file":"print-medsa.c"},"signature_version":"v1","deprecated":false,"id":"CVE-2017-5202-90c9aa2a","digest":{"threshold":0.9,"line_hashes":["114946376029719487727067709523051033051","227334674829184980067944298911146947115","210376600301944043403573276686938546462","178848560193805662289114191287577780030","275264082656881882204531968707571331121","125472290036734832543852872169378264835","173676936645231007527992549401569557625","288479365740565370114994721279060580351","109609806529605983880753254914716894236","142606612004130782709107352262636392155","29719618684433844042017610474921887645","226023839603229667093098466115918767045","72712425789080240366374511061789058613","151346982239502861005805789530967240933","336759652068049672908093915736280119824","206371089863004604069910662208531735471","223713852872945044680520491862189426699","190210319895479423224763214308807174099","79472329640795828550526242935079441795","337237102835808452012520121951202183188","326954748457766422394896389595937310919","164383034353028065510931221836837725166","232747210196469577238906567634162708264","100592845038565327953900512326475285722","109264432762985498185441714222958983220"]},"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4","signature_type":"Line"},{"source":"https://github.com/the-tcpdump-group/tcpdump/commit/cae54f4d943f163541dc7a90f7f5b432859955e4","signature_version":"v1","deprecated":false,"id":"CVE-2017-5202-e7c0e582","digest":{"function_hash":"285468102648205064789132629197542510522","length":1324},"signature_type":"Function","target":{"file":"print-medsa.c","function":"medsa_print"}}],"vanir_signatures_modified":"2026-04-11T04:14:34Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}