Lucene search
CentOS ProjectCESA-2016:1086HistoryMay 17, 2016 - 10:20 p.m.
libndp security update
2016-05-1722:20:14
CentOS Project
lists.centos.org
44
0.022 Low
EPSS
Percentile
89.3%
CentOS Errata and Security Advisory CESA-2016:1086
Libndp is a library (used by NetworkManager) that provides a wrapper for the IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.
Security Fix(es):
- It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the network connectivity of that client. (CVE-2016-3698)
Red Hat would like to thank Julien Bernard (ViagΓ©nie) for reporting this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2016-May/084055.html
Affected packages:
libndp
libndp-devel
Upstream details at:
https://access.redhat.com/errata/RHSA-2016:1086
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| CentOS | 7 | i686 | libndp | <Β 1.2-6.el7_2 | libndp-1.2-6.el7_2.i686.rpm |
| CentOS | 7 | x86_64 | libndp | <Β 1.2-6.el7_2 | libndp-1.2-6.el7_2.x86_64.rpm |
| CentOS | 7 | i686 | libndp-devel | <Β 1.2-6.el7_2 | libndp-devel-1.2-6.el7_2.i686.rpm |
| CentOS | 7 | x86_64 | libndp-devel | <Β 1.2-6.el7_2 | libndp-devel-1.2-6.el7_2.x86_64.rpm |
Related
nessus
nessus
Scientific Linux Security Update : libndp on SL7.x x86_64 (20160517)
2016-05-23 00:00:00
Debian DSA-3581-1 : libndp - security update
2016-05-18 00:00:00
Fedora 23 : libndp (2016-5cbcaebaf2)
2016-07-14 00:00:00
debian
debian
[SECURITY] [DSA 3581-1] libndp security update
2016-05-17 12:58:38
[SECURITY] [DSA 3581-1] libndp security update
2016-05-17 12:58:59
cvelist
cvelist
CVE-2016-3698
2016-06-13 19:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: libndp-1.4-2.fc22.1
2016-05-20 23:53:03
[SECURITY] Fedora 23 Update: libndp-1.6-1.fc23
2016-05-20 23:54:50
[SECURITY] Fedora 24 Update: libndp-1.6-1.fc24
2016-05-20 17:44:52
openvas
openvas
Debian: Security Advisory (DSA-3581-1)
2016-05-16 00:00:00
Fedora Update for libndp FEDORA-2016-189e43cb4f
2016-06-08 00:00:00
Fedora Update for libndp FEDORA-2016-2be4263b24
2016-06-08 00:00:00
mageia
mageia
Updated libndp packages fix CVE-2016-3698
2016-05-18 23:14:22
prion
prion
Design/Logic Flaw
2016-06-13 19:59:00
debiancve
debiancve
CVE-2016-3698
2016-06-13 19:59:00
redhat
redhat
(RHSA-2016:1086) Moderate: libndp security update
2016-05-17 10:11:45
oraclelinux
oraclelinux
libndp security update
2016-05-17 00:00:00
cve
cve
CVE-2016-3698
2016-06-13 19:59:00
ubuntucve
ubuntucve
CVE-2016-3698
2016-05-17 00:00:00
ubuntu
ubuntu
libndp vulnerability
2016-05-17 00:00:00
archlinux
archlinux
libndp: man-in-the-middle
2016-05-24 00:00:00
redhatcve
redhatcve
CVE-2016-3698
2016-05-17 10:18:30
photon
photon