CVE-2019-15162
First published: Thu Oct 03 2019(Updated: )
libpcap. Multiple issues were addressed by updating to libpcap version 1.9.1
Credit: CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165 cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tcpdump Libpcap | <1.9.1 | |
| Opengroup Unix | ||
| Apple tvOS | <13.3 | 13.3 |
| Apple watchOS | <6.1.1 | 6.1.1 |
| Apple iOS | <13.3 | 13.3 |
| Apple iPadOS | <13.3 | 13.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT210785 (Advisory)
- https://support.apple.com/en-us/HT210789 (Advisory)
- https://support.apple.com/en-us/HT210790 (Advisory)
- http://seclists.org/fulldisclosure/2019/Dec/26
- https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES
- https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/
- https://seclists.org/bugtraq/2019/Dec/23
- https://support.apple.com/kb/HT210785
- https://support.apple.com/kb/HT210788
- https://support.apple.com/kb/HT210789
- https://support.apple.com/kb/HT210790
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.tcpdump.org/public-cve-list.txt
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2019-15162.
What is the severity level of CVE-2019-15162?
The severity level of CVE-2019-15162 is medium, with a severity value of 5.3.
What is the affected software?
The affected software includes Tcpdump Libpcap version up to 1.9.1, Apple watchOS version up to 6.1.1, Apple tvOS version up to 13.3, Apple iOS version up to 13.3, and Apple iPadOS version up to 13.3.
What is the description of CVE-2019-15162?
CVE-2019-15162 is a vulnerability in libpcap before version 1.9.1 on non-Windows platforms, which may provide details about why authentication failed, making it easier for attackers to enumerate valid usernames.
How can I mitigate the vulnerability?
To mitigate the vulnerability, update the affected software to the recommended versions: libpcap version 1.9.1 for Tcpdump Libpcap, watchOS version 6.1.1 or later, tvOS version 13.3 or later, iOS version 13.3 or later, and iPadOS version 13.3 or later.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/remedy
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/apple-support
- alias/CVE-2019-15162
- alias/CVE-2019-15163
- alias/CVE-2019-15164
- alias/CVE-2019-15165
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple ios
- canonical/apple ipados
- canonical/apple watchos
- canonical/apple tvos
- vendor/tcpdump
- canonical/tcpdump libpcap
- vendor/opengroup
- canonical/opengroup unix