Synopsis: Moderate: libndp security update
Advisory ID: SLSA-2016:1086-1
Issue Date: 2016-05-17
CVE Numbers: CVE-2016-3698
—
Security Fix(es):
* It was found that libndp did not properly validate and check the origin
of Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local
network could use this flaw to advertise a node as a router, allowing them
to perform man-in-the-middle attacks on a connecting client, or disrupt
the network connectivity of that client. (CVE-2016-3698)
—
SL7
x86_64
libndp-1.2-6.el7_2.i686.rpm
libndp-1.2-6.el7_2.x86_64.rpm
libndp-debuginfo-1.2-6.el7_2.i686.rpm
libndp-debuginfo-1.2-6.el7_2.x86_64.rpm
libndp-devel-1.2-6.el7_2.i686.rpm
libndp-devel-1.2-6.el7_2.x86_64.rpm
– Scientific Linux Development Team
