Uploaded image for project: 'Funtoo Linux'
  1. Funtoo Linux
  2. FL-9724

net-libs/libpcap-1.9.0 have multiple vulnerables

XMLWordPrintable

    • Icon: Security Vulnerability Security Vulnerability
    • Resolution: Fixed
    • Icon: Normal Normal
    • None
    • None
    • Make autogen for libpcap to eliminate cve and keep updated 

      {
   "id":"CVE-2019-15165",
   "is_known_exploited_vuln":false,
   "description":"sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.",
   "urls":[
      "https://nvd.nist.gov/vuln/detail/CVE-2019-15165",
      "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES",
      "https://github.com/the-tcpdump-group/libpcap/commit/a5a36d9e82dde7265e38fe1f87b7f11c461c29f6",
      "https://www.tcpdump.org/public-cve-list.txt",
      "https://github.com/the-tcpdump-group/libpcap/commit/87d6bef033062f969e70fa40c43dfd945d5a20ab",
      "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00052.html",
      "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00051.html",
      "https://lists.debian.org/debian-lts-announce/2019/10/msg00031.html",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/",
      "https://support.apple.com/kb/HT210788",
      "https://usn.ubuntu.com/4221-1/",
      "https://seclists.org/bugtraq/2019/Dec/23",
      "http://seclists.org/fulldisclosure/2019/Dec/26",
      "https://usn.ubuntu.com/4221-2/",
      "https://support.apple.com/kb/HT210790",
      "https://support.apple.com/kb/HT210785",
      "https://support.apple.com/kb/HT210789",
      "https://www.oracle.com/security-alerts/cpuapr2020.html",
      "https://lists.debian.org/debian-lts-announce/2021/12/msg00014.html"
   ]
}{
   "id":"CVE-2019-15161",
   "is_known_exploited_vuln":false,
   "description":"rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.",
   "urls":[
      "https://nvd.nist.gov/vuln/detail/CVE-2019-15161",
      "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES",
      "https://www.tcpdump.org/public-cve-list.txt",
      "https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/",
      "https://support.apple.com/kb/HT210788",
      "https://seclists.org/bugtraq/2019/Dec/23",
      "http://seclists.org/fulldisclosure/2019/Dec/26",
      "https://support.apple.com/kb/HT210790",
      "https://support.apple.com/kb/HT210789",
      "https://support.apple.com/kb/HT210785",
      "https://www.oracle.com/security-alerts/cpuapr2020.html"
   ]
}{
   "id":"CVE-2019-15164",
   "is_known_exploited_vuln":false,
   "description":"rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.",
   "urls":[
      "https://nvd.nist.gov/vuln/detail/CVE-2019-15164",
      "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES",
      "https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a",
      "https://www.tcpdump.org/public-cve-list.txt",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/",
      "https://support.apple.com/kb/HT210788",
      "https://seclists.org/bugtraq/2019/Dec/23",
      "http://seclists.org/fulldisclosure/2019/Dec/26",
      "https://support.apple.com/kb/HT210790",
      "https://support.apple.com/kb/HT210789",
      "https://support.apple.com/kb/HT210785",
      "https://www.oracle.com/security-alerts/cpuapr2020.html"
   ]
}{
   "id":"CVE-2019-15163",
   "is_known_exploited_vuln":false,
   "description":"rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.",
   "urls":[
      "https://nvd.nist.gov/vuln/detail/CVE-2019-15163",
      "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES",
      "https://github.com/the-tcpdump-group/libpcap/commit/437b273761adedcbd880f714bfa44afeec186a31",
      "https://www.tcpdump.org/public-cve-list.txt",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/",
      "https://support.f5.com/csp/article/K92862401?utm_source=f5support&utm_medium=RSS",
      "https://support.apple.com/kb/HT210788",
      "https://seclists.org/bugtraq/2019/Dec/23",
      "http://seclists.org/fulldisclosure/2019/Dec/26",
      "https://support.apple.com/kb/HT210790",
      "https://support.apple.com/kb/HT210785",
      "https://support.apple.com/kb/HT210789",
      "https://www.oracle.com/security-alerts/cpuapr2020.html"
   ]
}{
   "id":"CVE-2019-15162",
   "is_known_exploited_vuln":false,
   "description":"rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.",
   "urls":[
      "https://nvd.nist.gov/vuln/detail/CVE-2019-15162",
      "https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES",
      "https://www.tcpdump.org/public-cve-list.txt",
      "https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3/",
      "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/",
      "https://support.apple.com/kb/HT210788",
      "https://seclists.org/bugtraq/2019/Dec/23",
      "http://seclists.org/fulldisclosure/2019/Dec/26",
      "https://support.apple.com/kb/HT210790",
      "https://support.apple.com/kb/HT210789",
      "https://support.apple.com/kb/HT210785",
      "https://www.oracle.com/security-alerts/cpuapr2020.html"
   ]
}

            Unassigned Unassigned
            tczaude tczaude
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: