ID CVE-2019-15164
Summary rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.
References
Vulnerable Configurations
  • cpe:2.3:a:tcpdump:libpcap:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.8.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.9.6:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.9.6:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.9.7:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.9.7:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:0.9.8:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:0.9.8:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:tcpdump:libpcap:1.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:tcpdump:libpcap:1.9.0:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 27-10-2019 - 03:15)
Impact:
Exploitability:
CWE CWE-918
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bugtraq 20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
confirm
fedora
  • FEDORA-2019-4fe461079f
  • FEDORA-2019-b92ce3144a
  • FEDORA-2019-eaa681d33e
fulldisc 20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra
misc https://www.oracle.com/security-alerts/cpuapr2020.html
Last major update 27-10-2019 - 03:15
Published 03-10-2019 - 19:15
Last modified 27-10-2019 - 03:15
Back to Top