Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Fri, 20 May 2016 14:53:25 -0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Moderate: libndp on SL7.x x86_64 MIME-Version: 1.0 Message-ID: <20160520145325.28525.73463@slpackages.fnal.gov> Synopsis: Moderate: libndp security update Advisory ID: SLSA-2016:1086-1 Issue Date: 2016-05-17 CVE Numbers: CVE-2016-3698 -- Security Fix(es): * It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the network connectivity of that client. (CVE-2016-3698) -- SL7 x86_64 libndp-1.2-6.el7_2.i686.rpm libndp-1.2-6.el7_2.x86_64.rpm libndp-debuginfo-1.2-6.el7_2.i686.rpm libndp-debuginfo-1.2-6.el7_2.x86_64.rpm libndp-devel-1.2-6.el7_2.i686.rpm libndp-devel-1.2-6.el7_2.x86_64.rpm - Scientific Linux Development Team