Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-3698

Опубликовано: 13 июн. 2016
Источник: nvd
CVSS3: 8.1
CVSS2: 6.8
EPSS Низкий

Описание

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:libndp:libndp:*:*:*:*:*:*:*:*
Версия до 1.5 (включая)
Конфигурация 3
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

EPSS

Процентиль: 73%
0.00769
Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-284

Связанные уязвимости

ubuntu логотип

CVE-2016-3698

CVSS3: 8.1
ubuntu
около 9 лет назад

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.

redhat логотип

CVE-2016-3698

redhat
больше 9 лет назад

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.

debian логотип

CVE-2016-3698

CVSS3: 8.1
debian
около 9 лет назад

libndp before 1.6, as used in NetworkManager, does not properly valida ...

github логотип

GHSA-rj7j-9h37-7pw7

CVSS3: 8.1
github
больше 3 лет назад

libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network.

oracle-oval логотип

ELSA-2016-1086

oracle-oval
больше 9 лет назад

ELSA-2016-1086: libndp security update (MODERATE)

EPSS

Процентиль: 73%
0.00769
Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-284