CVE-2017-13032

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-13032
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-13032.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-13032
Downstream
Related
Published
2017-09-14T06:29:02Z
Modified
2025-10-21T04:10:45.176791Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:printattrstring().

References

Affected packages

Git / github.com/the-tcpdump-group/tcpdump

Affected ranges

Type
GIT
Repo
https://github.com/the-tcpdump-group/tcpdump
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1bc78d795cd5cad5525498658f414a11ea0a7e9c

Affected versions

tcpdump-3.*

tcpdump-3.5.1
tcpdump-3.6.1
tcpdump-3.7.1
tcpdump-3.8-bp

tcpdump-4.*

tcpdump-4.5.0
tcpdump-4.6.0
tcpdump-4.6.0-bp
tcpdump-4.7.0-bp
tcpdump-4.9.0-bp

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/1bc78d795cd5cad5525498658f414a11ea0a7e9c",
        "deprecated": false,
        "digest": {
            "function_hash": "241141377411075039503482757685395680420",
            "length": 1265.0
        },
        "target": {
            "function": "print_attr_string",
            "file": "print-radius.c"
        },
        "id": "CVE-2017-13032-11fdddc0",
        "signature_version": "v1",
        "signature_type": "Function"
    },
    {
        "source": "https://github.com/the-tcpdump-group/tcpdump/commit/1bc78d795cd5cad5525498658f414a11ea0a7e9c",
        "deprecated": false,
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "62975693570377776929219114318372177903",
                "68766361870239220007506086742862553421",
                "315460516360434777185257708922667502841",
                "62931070649044968405499314807497441611",
                "119691883633397954657737345867309404705",
                "245848018572636997491360716072619851839",
                "114100562274327671508475136304839539397",
                "125783435119362078598988645170451992619",
                "180662839983502723112949022024495058375",
                "148119653296506442568677262919226620566",
                "62931070649044968405499314807497441611",
                "239905365260399353792893094964596575042",
                "79754071405226913173249817634585381359",
                "2429725188559018156957338159783206236",
                "329638628441603352638975266602777845557",
                "231149691400414026326462795992421347951",
                "82689482812896030797791665016248933995",
                "106779593114395515877069468741528081320",
                "151693998821998223638207783333117424858",
                "284697388102345533407843947443014231533",
                "164457272495319341297276788547094604256",
                "245031799739031561170418282467795828691"
            ]
        },
        "target": {
            "file": "print-radius.c"
        },
        "id": "CVE-2017-13032-88ffff81",
        "signature_version": "v1",
        "signature_type": "Line"
    }
]