CVE-2019-15162

Опубликовано: 20 сент. 2019

Источник: redhat

CVSS3: 5.3

EPSS Низкий

Описание

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.

Отчет

This issue did not affect the versions of libpcap as shipped with Red Hat Enterprise Linux 6, 7, and 8 as they did not include support for RPCAPD.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	libpcap	Not affected
Red Hat Enterprise Linux 7	libpcap	Not affected
Red Hat Enterprise Linux 8	libpcap	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=1760622libpcap: Information disclosure in rpcapd/daemon.c

EPSS

Процентиль: 77%

0.01042

Низкий

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2019-15162

CVSS3: 5.3

ubuntu

больше 6 лет назад

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.

CVE-2019-15162

CVSS3: 5.3

nvd

больше 6 лет назад

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.

CVE-2019-15162

CVSS3: 5.3

debian

больше 6 лет назад

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provi ...

GHSA-cwvm-qvg8-342x

CVSS3: 5.3

github

больше 3 лет назад

rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.

EPSS

Процентиль: 77%

0.01042

Низкий

5.3 Medium

CVSS3