rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.
Upstream patch: https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58
References: https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES
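
The weakness class described above, as an added illustration that is not libpcap's code and not taken from the upstream patch: a verbose failure reply beside a uniform one that keeps the cause in the server-side log. The account table, function names and message strings are all constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed account table; a real daemon would consult the system password database. */
struct account { const char *user; const char *secret; };
static const struct account ACCOUNTS[] = { { "capture", "s3cret-example" } };

enum auth_result { AUTH_OK, AUTH_NO_USER, AUTH_BAD_SECRET };

static enum auth_result check(const char *user, const char *secret) {
    for (size_t i = 0; i < sizeof ACCOUNTS / sizeof ACCOUNTS[0]; i++)
        if (strcmp(ACCOUNTS[i].user, user) == 0)
            return strcmp(ACCOUNTS[i].secret, secret) == 0 ? AUTH_OK : AUTH_BAD_SECRET;
    return AUTH_NO_USER;
}

/* Weak pattern: the reply sent to the client reveals which step failed. */
int auth_verbose(const char *user, const char *secret, char *reply, size_t n) {
    enum auth_result r = check(user, secret);
    snprintf(reply, n, "%s", r == AUTH_OK ? "OK"
             : r == AUTH_NO_USER ? "Authentication failed: no such user"
                                 : "Authentication failed: wrong password");
    return r == AUTH_OK ? 0 : -1;
}

/* Hardened pattern: one reply for every failure; the cause goes to the server log only. */
int auth_uniform(const char *user, const char *secret,
                 char *reply, size_t n, char *logbuf, size_t ln) {
    enum auth_result r = check(user, secret);
    snprintf(reply, n, "%s", r == AUTH_OK ? "OK" : "Authentication failed");
    snprintf(logbuf, ln, "%s", r == AUTH_OK ? "login ok"
             : r == AUTH_NO_USER ? "login failed: unknown user"
                                 : "login failed: bad password");
    return r == AUTH_OK ? 0 : -1;
}

int main(void) {
    char a[64], b[64], logbuf[64];
    auth_verbose("nobody", "x", a, sizeof a);
    auth_verbose("capture", "x", b, sizeof b);
    printf("verbose: '%s' vs '%s'\n", a, b);
    auth_uniform("nobody", "x", a, sizeof a, logbuf, sizeof logbuf);
    auth_uniform("capture", "x", b, sizeof b, logbuf, sizeof logbuf);
    printf("uniform: '%s' vs '%s'\n", a, b);
    return 0;
}
```

Reply text is only one channel: this sketch does not equalize the time taken on the two failure paths.
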
Created libpcap tracking bugs for this issue:
Affects: fedora-all [bug 1760624]
RPCAPD support added in tcpdump 1.9.0 (see https://github.com/the-tcpdump-group/libpcap/blob/libpcap-1.9/CHANGES#L74). RHEL 6 and 7 ship an older version of libpcap that does not even have the vulnerable file. RHEL 8 ships a newer version; however, it is not compiled with RPCAPD support (--enable-remote is not specified).
Statement: This issue did not affect the versions of libpcap as shipped with Red Hat Enterprise Linux 6, 7, and 8 as they did not include support for RPCAPD.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-15162