CVE-2019-15163 - rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer

CVE-2019-15163

Summary

rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.

References

Vulnerable Configurations

cpe:2.3:a:tcpdump:libpcap:0.5:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.5:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.8.3:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.8.3:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:tcpdump:libpcap:1.9.0:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 27-10-2019 - 03:15)
Impact:
Exploitability:

CWE

CWE-476

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bugtraq	20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
confirm	https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES https://github.com/the-tcpdump-group/libpcap/commit/437b273761adedcbd880f714bfa44afeec186a31 https://support.apple.com/kb/HT210785 https://support.apple.com/kb/HT210788 https://support.apple.com/kb/HT210789 https://support.apple.com/kb/HT210790 https://support.f5.com/csp/article/K92862401?utm_source=f5support&utm_medium=RSS https://www.tcpdump.org/public-cve-list.txt
fedora	FEDORA-2019-4fe461079f FEDORA-2019-b92ce3144a FEDORA-2019-eaa681d33e
fulldisc	20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
misc	https://www.oracle.com/security-alerts/cpuapr2020.html

Last major update

27-10-2019 - 03:15

Published

03-10-2019 - 19:15

Last modified

27-10-2019 - 03:15