{"id":"CVE-2019-15162","details":"rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.","modified":"2026-03-20T11:28:17.963596Z","published":"2019-10-03T19:15:09.300Z","related":["MGASA-2019-0297"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"},{"type":"WEB","url":"https://seclists.org/bugtraq/2019/Dec/23"},{"type":"WEB","url":"https://support.apple.com/kb/HT210785"},{"type":"WEB","url":"https://support.apple.com/kb/HT210789"},{"type":"WEB","url":"https://support.apple.com/kb/HT210790"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/"},{"type":"WEB","url":"https://support.apple.com/kb/HT210788"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2019/Dec/26"},{"type":"ADVISORY","url":"https://www.tcpdump.org/public-cve-list.txt"},{"type":"ADVISORY","url":"https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES"},{"type":"FIX","url":"https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/the-tcpdump-group/libpcap","events":[{"introduced":"0"},{"fixed":"d396f255cf7b96a09cf91d0e8cc94d23777d6986"},{"fixed":"484d60cbf7ca4ec758c3cbb8a82d68b244a78d58"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.9.1"}]}}],"versions":["libpcap-0.6.1","libpcap-0.7.1","libpcap-0.8-bp","libpcap-1.3-bp","libpcap-1.5.0","libpcap-1.6.0-bp","libpcap-1.7.0-bp","libpcap-1.8.0-bp","libpcap-1.8.1","libpcap-1.9-bp","libpcap-1.9.0","libpcap-1.9.0-rc1","libpcap-1.9.0rc2"],"database_specific":{"vanir_signatures":[{"deprecated":false,"id":"CVE-2019-15162-d35eea64","target":{"file":"rpcapd/daemon.c"},"signature_type":"Line","digest":{"line_hashes":["203218165793247605291152477239250471673","135035836020077286296752488042683816331","201130064081591389816476248782899393497","179506128223297802924571082123727197","209189528472105843429261291516351295473","250692404832172809371658854908177213552","228519267060922244099695564245364326361","306178780511032095971366377463787046713","88124244648201747050910716751917504060","170044145758273295467985992252875559250","250836292658809617855293150416593748047","303342207229297478213041099116873481529","190316354165235365199925494994296124331","4938578368501337023318029203796915993","229921227794494969478612959920002478308","14367959613646042594367344083707927502","333996056665195799046946110196262472424","296730462512446388714671358033761915948","290703427840756888399817727826102296932","16422220647111171505177835350418354620","170833675428341065641198560793754937950","298949602543325989700071132477016449317","290703427840756888399817727826102296932","100096547539589140696200594377928882488","302596700785705990068512742105079661239","117388003416314648747621577878973441344","116555399080073963785629907126711879561","316743430081178713481380961915361306982","212248955420899285840911797991728011582","49716597550431454831504076668423071599","184289662958832525507760128981013841355","93814252788326047824995378751785492439","171966232858749635880966484738063947260","264065505499842170962462970747837466776","290703427840756888399817727826102296932","9509977226094249694807565717856573626","201369769741677490156653955820277795863","140324089718405645471469070234806487476","158895547741918936081835219736659248393","102727622675810349552294921252344196251","338360913147717500161251542464192599507","101483709478573859964240658093025518170","75183157309910080429671363086039366595","121693178985597992114876125156697748833"],"threshold":0.9},"signature_version":"v1","source":"https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58"},{"deprecated":false,"id":"CVE-2019-15162-f99c4a18","target":{"file":"rpcapd/daemon.c","function":"daemon_AuthUserPwd"},"signature_type":"Function","digest":{"length":1552,"function_hash":"172070314715106391086277101561704977713"},"signature_version":"v1","source":"https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-15162.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}