Hide Forgot
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. Upstream patch: https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES References: https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES
Created libpcap tracking bugs for this issue: Affects: fedora-all [bug 1760624]