Vulnerability Name:

CVE-2019-15161 (CCN-168325)

Assigned:2019-10-02
Published:2019-10-02
Updated:2020-08-24
Summary:rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.
CVSS v3 Severity:5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-131
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2019-15161

Source: FULLDISC
Type: UNKNOWN
20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra

Source: XF
Type: UNKNOWN
libpcap-cve201915161-sec-bypass(168325)

Source: CCN
Type: libpcap GIT Repository
libpcap

Source: CONFIRM
Type: Product, Release Notes
https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-eaa681d33e

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-b92ce3144a

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-4fe461079f

Source: BUGTRAQ
Type: UNKNOWN
20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra

Source: CCN
Type: Apple security document HT210788
About the security content of macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/kb/HT210785

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/kb/HT210788

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/kb/HT210789

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/kb/HT210790

Source: N/A
Type: UNKNOWN
N/A

Source: CONFIRM
Type: Vendor Advisory
https://www.tcpdump.org/public-cve-list.txt

Vulnerable Configuration:Configuration 1:
  • cpe:/a:tcpdump:libpcap:*:*:*:*:*:*:*:* (Version < 1.9.1)

    • Configuration CCN 1:
  • cpe:/a:tcpdump:libpcap:1.9.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7639
    P
    		libpcap-devel-1.10.1-150400.1.7 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:3053
    P
    		dnsmasq-2.78-18.9.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94683
    P
    		libpcap-devel-1.10.1-150400.1.7 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:176
    P
    		libpcap-devel-1.9.1-1.33 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:112758
    P
    		libpcap-devel-1.10.1-1.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106230
    P
    		libpcap-devel-1.10.1-1.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:63490
    P
    		libpcap1-32bit-1.9.1-1.33 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:2401
    P
    		libpcap1-32bit-1.9.1-1.33 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:71935
    P
    		libpcap-devel-1.9.1-1.33 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62194
    P
    		libpcap-devel-1.9.1-1.33 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1105
    P
    		libpcap-devel-1.9.1-1.33 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100952
    P
    		libpcap-devel-1.9.1-1.33 on GA media (Moderate)
    2021-08-09
    oval:com.ubuntu.disco:def:2019151610000000
    V
    		CVE-2019-15161 on Ubuntu 19.04 (disco) - medium.
    2019-10-03
    oval:com.ubuntu.bionic:def:2019151610000000
    V
    		CVE-2019-15161 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-10-03
    oval:com.ubuntu.xenial:def:2019151610000000
    V
    		CVE-2019-15161 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-10-03
    BACK
    tcpdump libpcap *
    tcpdump libpcap 1.9.0