Scientific Linux Security Update : libndp on SL7.x x86_64
Medium Nessus Plugin ID 91296
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the network connectivity of that client. (CVE-2016-3698)
SolutionUpdate the affected libndp, libndp-debuginfo and / or libndp-devel packages.