[USN-2980-1] libndp vulnerability

Fabricante: Ubuntu
Fecha: 17/05/2016
Identificador: USN-2980-1
[USN-2980-1] libndp vulnerability
========================================================================== Ubuntu Security Notice USN-2980-1 May 17, 2016 libndp vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 15.10 Summary: libndp could be tricked into accepting an NDP message from outside the local network. Software Description: - libndp: Library for Neighbor Discovery Protocol Details: Julien Bernard discovered that libndp incorrectly performed origin checks when receiving Neighbor Discovery Protocol (NDP) messages. A remote attacker outside of the local network could use this issue to advertise a node as a router, causing a denial of service, or possibly to act as a man in the middle. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: libndp0 1.4-2ubuntu0.16.04.1 Ubuntu 15.10: libndp0 1.4-2ubuntu0.15.10.1 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-2980-1 CVE-2016-3698 Package Information: https://launchpad.net/ubuntu/+source/libndp/1.4-2ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/libndp/1.4-2ubuntu0.15.10.1 --