rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.
[ { "signature_type": "Line", "deprecated": false, "source": "https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58", "signature_version": "v1", "target": { "file": "rpcapd/daemon.c" }, "digest": { "threshold": 0.9, "line_hashes": [ "203218165793247605291152477239250471673", "135035836020077286296752488042683816331", "201130064081591389816476248782899393497", "179506128223297802924571082123727197", "209189528472105843429261291516351295473", "250692404832172809371658854908177213552", "228519267060922244099695564245364326361", "306178780511032095971366377463787046713", "88124244648201747050910716751917504060", "170044145758273295467985992252875559250", "250836292658809617855293150416593748047", "303342207229297478213041099116873481529", "190316354165235365199925494994296124331", "4938578368501337023318029203796915993", "229921227794494969478612959920002478308", "14367959613646042594367344083707927502", "333996056665195799046946110196262472424", "296730462512446388714671358033761915948", "290703427840756888399817727826102296932", "16422220647111171505177835350418354620", "170833675428341065641198560793754937950", "298949602543325989700071132477016449317", "290703427840756888399817727826102296932", "100096547539589140696200594377928882488", "302596700785705990068512742105079661239", "117388003416314648747621577878973441344", "116555399080073963785629907126711879561", "316743430081178713481380961915361306982", "212248955420899285840911797991728011582", "49716597550431454831504076668423071599", "184289662958832525507760128981013841355", "93814252788326047824995378751785492439", "171966232858749635880966484738063947260", "264065505499842170962462970747837466776", "290703427840756888399817727826102296932", "9509977226094249694807565717856573626", "201369769741677490156653955820277795863", "140324089718405645471469070234806487476", "158895547741918936081835219736659248393", "102727622675810349552294921252344196251", "338360913147717500161251542464192599507", "101483709478573859964240658093025518170", "75183157309910080429671363086039366595", "121693178985597992114876125156697748833" ] }, "id": "CVE-2019-15162-d35eea64" }, { "signature_type": "Function", "deprecated": false, "source": "https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58", "signature_version": "v1", "target": { "function": "daemon_AuthUserPwd", "file": "rpcapd/daemon.c" }, "digest": { "function_hash": "172070314715106391086277101561704977713", "length": 1552.0 }, "id": "CVE-2019-15162-f99c4a18" } ]