CVE-2019-15162

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2019-15162
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-15162.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-15162
Downstream
Related
Published
2019-10-03T19:15:09Z
Modified
2025-10-15T10:19:13.576904Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.

References

Affected packages

Git / github.com/the-tcpdump-group/libpcap

Affected ranges

Type
GIT
Repo
https://github.com/the-tcpdump-group/libpcap
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
484d60cbf7ca4ec758c3cbb8a82d68b244a78d58

Affected versions

libpcap-0.*

libpcap-0.6.1
libpcap-0.7.1
libpcap-0.8-bp

libpcap-1.*

libpcap-1.3-bp
libpcap-1.5.0
libpcap-1.6.0-bp
libpcap-1.7.0-bp
libpcap-1.8.0-bp
libpcap-1.8.1
libpcap-1.9-bp
libpcap-1.9.0
libpcap-1.9.0-rc1
libpcap-1.9.0rc2

Database specific

vanir_signatures

[
    {
        "digest": {
            "line_hashes": [
                "203218165793247605291152477239250471673",
                "135035836020077286296752488042683816331",
                "201130064081591389816476248782899393497",
                "179506128223297802924571082123727197",
                "209189528472105843429261291516351295473",
                "250692404832172809371658854908177213552",
                "228519267060922244099695564245364326361",
                "306178780511032095971366377463787046713",
                "88124244648201747050910716751917504060",
                "170044145758273295467985992252875559250",
                "250836292658809617855293150416593748047",
                "303342207229297478213041099116873481529",
                "190316354165235365199925494994296124331",
                "4938578368501337023318029203796915993",
                "229921227794494969478612959920002478308",
                "14367959613646042594367344083707927502",
                "333996056665195799046946110196262472424",
                "296730462512446388714671358033761915948",
                "290703427840756888399817727826102296932",
                "16422220647111171505177835350418354620",
                "170833675428341065641198560793754937950",
                "298949602543325989700071132477016449317",
                "290703427840756888399817727826102296932",
                "100096547539589140696200594377928882488",
                "302596700785705990068512742105079661239",
                "117388003416314648747621577878973441344",
                "116555399080073963785629907126711879561",
                "316743430081178713481380961915361306982",
                "212248955420899285840911797991728011582",
                "49716597550431454831504076668423071599",
                "184289662958832525507760128981013841355",
                "93814252788326047824995378751785492439",
                "171966232858749635880966484738063947260",
                "264065505499842170962462970747837466776",
                "290703427840756888399817727826102296932",
                "9509977226094249694807565717856573626",
                "201369769741677490156653955820277795863",
                "140324089718405645471469070234806487476",
                "158895547741918936081835219736659248393",
                "102727622675810349552294921252344196251",
                "338360913147717500161251542464192599507",
                "101483709478573859964240658093025518170",
                "75183157309910080429671363086039366595",
                "121693178985597992114876125156697748833"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2019-15162-d35eea64",
        "target": {
            "file": "rpcapd/daemon.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58",
        "signature_type": "Line"
    },
    {
        "digest": {
            "function_hash": "172070314715106391086277101561704977713",
            "length": 1552.0
        },
        "id": "CVE-2019-15162-f99c4a18",
        "target": {
            "function": "daemon_AuthUserPwd",
            "file": "rpcapd/daemon.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58",
        "signature_type": "Function"
    }
]