CVE-2017-12899
First published: Thu Sep 14 2017(Updated: )
tcpdump. Multiple issues were addressed by updating to version 4.9.2.
Credit: CVE-2017-11108 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tcpdump Tcpdump | <=4.9.1 | |
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Redhat Enterprise Linux Desktop | =7.0 | |
| Redhat Enterprise Linux Server | =7.0 | |
| Redhat Enterprise Linux Server Aus | =7.6 | |
| Redhat Enterprise Linux Server Aus | =7.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT208221 (Advisory)
- http://www.debian.org/security/2017/dsa-3971
- http://www.securitytracker.com/id/1039307
- http://www.tcpdump.org/tcpdump-changes.txt
- https://access.redhat.com/errata/RHEA-2018:0705
- https://github.com/the-tcpdump-group/tcpdump/commit/c6e0531b5def26ecf912e8de6ade86cbdaed3751
- https://github.com/the-tcpdump-group/tcpdump/commit/f96003b21e2abfbba59b926b10a7f9bc7d11e36c
- https://security.gentoo.org/glsa/201709-23
- https://support.apple.com/HT208221
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2016-0736
- CVE-2016-2161
- CVE-2016-5387
- CVE-2016-8740
- CVE-2016-8743
- CVE-2017-3167
- CVE-2017-3169
- CVE-2017-7659
- CVE-2017-7668
- CVE-2017-7679
- CVE-2017-9788
- CVE-2017-9789
- CVE-2017-13786
- CVE-2017-13800
- CVE-2017-13809
- CVE-2017-13820
- CVE-2017-13807
- CVE-2017-13829
- CVE-2017-13833
- CVE-2017-13821
- CVE-2017-13825
- CVE-2017-1000100
- CVE-2017-1000101
- CVE-2017-13801
- CVE-2017-13815
- CVE-2017-13828
- CVE-2017-13811
- CVE-2017-13830
- CVE-2017-11103
- CVE-2017-13819
- CVE-2017-13814
- CVE-2017-13831
- CVE-2017-13906
- CVE-2017-13810
- CVE-2017-13817
- CVE-2017-13818
- CVE-2017-13836
- CVE-2017-13841
- CVE-2017-13840
- CVE-2017-13842
- CVE-2017-13782
- CVE-2017-13843
- CVE-2017-13834
- CVE-2017-13799
- CVE-2017-13852
- CVE-2017-13813
- CVE-2017-13812
- CVE-2016-4736
- CVE-2017-5969
- CVE-2017-5130
- CVE-2017-7376
- CVE-2017-9050
- CVE-2017-9049
- CVE-2018-4390
- CVE-2018-4391
- CVE-2017-13907
- CVE-2017-13824
- CVE-2017-13846
- CVE-2017-10140
- CVE-2017-13822
- CVE-2017-7132
- CVE-2017-13823
- CVE-2017-13808
- CVE-2017-13838
- CVE-2017-7170
- CVE-2017-7150
- CVE-2017-13908
- CVE-2017-13804
- CVE-2017-11108
- CVE-2017-11541
- CVE-2017-11542
- CVE-2017-11543
- CVE-2017-12893
- CVE-2017-12894
- CVE-2017-12895
- CVE-2017-12896
- CVE-2017-12897
- CVE-2017-12898
- CVE-2017-12899
- CVE-2017-12900
- CVE-2017-12901
- CVE-2017-12902
- CVE-2017-12985
- CVE-2017-12986
- CVE-2017-12987
- CVE-2017-12988
- CVE-2017-12989
- CVE-2017-12990
- CVE-2017-12991
- CVE-2017-12992
- CVE-2017-12993
- CVE-2017-12994
- CVE-2017-12995
- CVE-2017-12996
- CVE-2017-12997
- CVE-2017-12998
- CVE-2017-12999
- CVE-2017-13000
- CVE-2017-13001
- CVE-2017-13002
- CVE-2017-13003
- CVE-2017-13004
- CVE-2017-13005
- CVE-2017-13006
- CVE-2017-13007
- CVE-2017-13008
- CVE-2017-13009
- CVE-2017-13010
- CVE-2017-13011
- CVE-2017-13012
- CVE-2017-13013
- CVE-2017-13014
- CVE-2017-13015
- CVE-2017-13016
- CVE-2017-13017
- CVE-2017-13018
- CVE-2017-13019
- CVE-2017-13020
- CVE-2017-13021
- CVE-2017-13022
- CVE-2017-13023
- CVE-2017-13024
- CVE-2017-13025
- CVE-2017-13026
- CVE-2017-13027
- CVE-2017-13028
- CVE-2017-13029
- CVE-2017-13030
- CVE-2017-13031
- CVE-2017-13032
- CVE-2017-13033
- CVE-2017-13034
- CVE-2017-13035
- CVE-2017-13036
- CVE-2017-13037
- CVE-2017-13038
- CVE-2017-13039
- CVE-2017-13040
- CVE-2017-13041
- CVE-2017-13042
- CVE-2017-13043
- CVE-2017-13044
- CVE-2017-13045
- CVE-2017-13046
- CVE-2017-13047
- CVE-2017-13048
- CVE-2017-13049
- CVE-2017-13050
- CVE-2017-13051
- CVE-2017-13052
- CVE-2017-13053
- CVE-2017-13054
- CVE-2017-13055
- CVE-2017-13687
- CVE-2017-13688
- CVE-2017-13689
- CVE-2017-13690
- CVE-2017-13725
- CVE-2017-13077
- CVE-2017-13078
- CVE-2017-13080
Frequently Asked Questions
What is CVE-2017-12899?
CVE-2017-12899 is a vulnerability in tcpdump that allows an attacker to cause a denial of service or potentially execute arbitrary code.
How severe is CVE-2017-12899?
CVE-2017-12899 has a severity rating of 9.8 out of 10, which is considered critical.
Which software versions are affected by CVE-2017-12899?
Tcpdump versions up to and including 4.9.1 are affected. Debian Linux 9.0, Debian Linux 10.0, Red Hat Enterprise Linux Desktop 7.0, Red Hat Enterprise Linux Server 7.0, Red Hat Enterprise Linux Server Aus 7.6, Apple macOS High Sierra up to 10.13.1, Apple Sierra, and Apple El Capitan are also affected.
How do I fix CVE-2017-12899?
To fix CVE-2017-12899, update tcpdump to version 4.9.2. For operating system vulnerabilities, apply the relevant security patches.
Where can I find more information about CVE-2017-12899?
You can find more information about CVE-2017-12899 on the Debian Security Advisory DSA-3971, SecurityTracker, and the official tcpdump website.
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/apple-support
- alias/CVE-2017-11541
- alias/CVE-2017-11542
- alias/CVE-2017-11543
- alias/CVE-2017-12893
- alias/CVE-2017-12894
- alias/CVE-2017-12895
- alias/CVE-2017-12896
- alias/CVE-2017-12897
- alias/CVE-2017-12898
- alias/CVE-2017-12899
- alias/CVE-2017-12900
- alias/CVE-2017-12901
- alias/CVE-2017-12902
- alias/CVE-2017-12985
- alias/CVE-2017-12986
- alias/CVE-2017-12987
- alias/CVE-2017-12988
- alias/CVE-2017-12989
- alias/CVE-2017-12990
- alias/CVE-2017-12991
- alias/CVE-2017-12992
- alias/CVE-2017-12993
- alias/CVE-2017-12994
- alias/CVE-2017-12995
- alias/CVE-2017-12996
- alias/CVE-2017-12997
- alias/CVE-2017-12998
- alias/CVE-2017-12999
- alias/CVE-2017-13000
- alias/CVE-2017-13001
- alias/CVE-2017-13002
- alias/CVE-2017-13003
- alias/CVE-2017-13004
- alias/CVE-2017-13005
- alias/CVE-2017-13006
- alias/CVE-2017-13007
- alias/CVE-2017-13008
- alias/CVE-2017-13009
- alias/CVE-2017-13010
- alias/CVE-2017-13011
- alias/CVE-2017-13012
- alias/CVE-2017-13013
- alias/CVE-2017-13014
- alias/CVE-2017-13015
- alias/CVE-2017-13016
- alias/CVE-2017-13017
- alias/CVE-2017-13018
- alias/CVE-2017-13019
- alias/CVE-2017-13020
- alias/CVE-2017-13021
- alias/CVE-2017-13022
- alias/CVE-2017-13023
- alias/CVE-2017-13024
- alias/CVE-2017-13025
- alias/CVE-2017-13026
- alias/CVE-2017-13027
- alias/CVE-2017-13028
- alias/CVE-2017-13029
- alias/CVE-2017-13030
- alias/CVE-2017-13031
- alias/CVE-2017-13032
- alias/CVE-2017-13033
- alias/CVE-2017-13034
- alias/CVE-2017-13035
- alias/CVE-2017-13036
- alias/CVE-2017-13037
- alias/CVE-2017-13038
- alias/CVE-2017-13039
- alias/CVE-2017-13040
- alias/CVE-2017-13041
- alias/CVE-2017-13042
- alias/CVE-2017-13043
- alias/CVE-2017-13044
- alias/CVE-2017-13045
- alias/CVE-2017-13046
- alias/CVE-2017-13047
- alias/CVE-2017-13048
- alias/CVE-2017-13049
- alias/CVE-2017-13050
- alias/CVE-2017-13051
- alias/CVE-2017-13052
- alias/CVE-2017-13053
- alias/CVE-2017-13054
- alias/CVE-2017-13055
- alias/CVE-2017-13687
- alias/CVE-2017-13688
- alias/CVE-2017-13689
- alias/CVE-2017-13690
- alias/CVE-2017-13725
- agent/software-canonical-lookup-request
- agent/event
- agent/remedy
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/tcpdump
- canonical/tcpdump tcpdump
- version/tcpdump tcpdump/4.9.1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/7.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/7.0
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/7.6
- version/redhat enterprise linux server aus/7.7
- vendor/apple
- canonical/apple macos high sierra
- canonical/apple sierra
- canonical/apple el capitan