CVE-2017-12989

The RESP parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-resp.c:resp_get_length().

Affected products Warnungen 0 Metrics 3 CWE 1 References 10

Data is provided by the National Vulnerability Database (NVD)

Tcpdump ≫ Tcpdump Version <= 4.9.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.14%	0.765

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Vendor Advisory

Patch

Third Party Advisory

Issue Tracking

CVE Source (NVD)

CVE Source (JSON)

EUVD