[arch-security] [ASA-201605-26] libndp: man-in-the-middle
Levente Polyak
anthraxx at archlinux.org
Tue May 24 15:40:08 UTC 2016
Arch Linux Security Advisory ASA-201605-26
==========================================
Severity: Medium
Date : 2016-05-24
CVE-ID : CVE-2016-3698
Package : libndp
Type : man-in-the-middle
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE
Summary
=======
The package libndp before version 1.6-1 is vulnerable to
man-in-the-middle attacks.
Resolution
==========
Upgrade to 1.6-1.
# pacman -Syu "libndp>=1.6-1"
The problem has been fixed upstream in version 1.6
Workaround
==========
None.
Description
===========
Libndp before version 1.6 does properly validate and check the origin of
Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local
network can exploit this flaw to advertise a node as a router, which
allows them to re-route the traffic through an attacker-controlled node.
Impact
======
A remote unauthenticated attacker is able to send specially crafted
messages to a client and act as a man-in-the-middle between the client
and a server or disrupt client traffic.
References
==========
https://access.redhat.com/security/cve/CVE-2016-3698
https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20160524/48d98827/attachment.asc>
More information about the arch-security
mailing list