CVE-2016-3698 – libndp: denial of service due to insufficient validation of source of NDP messages
https://notcve.org/view.php?id=CVE-2016-3698
libndp before 1.6, as used in NetworkManager, does not properly validate the origin of Neighbor Discovery Protocol (NDP) messages, which allows remote attackers to conduct man-in-the-middle attacks or cause a denial of service (network connectivity disruption) by advertising a node as a router from a non-local network. libndp en versiones anteriores a 1.6, como es usado en NetworkManager, no valida correctamente el origen de los mensajes Neighbor Discovery Protocol (NDP), lo que provoca a atacantes remotos llevar a cabo ataques man-in-the-middle o provocar una caída del servicio (interrupción de la conectividad de red) anunciando un nodo como un router de una red no local. It was found that libndp did not properly validate and check the origin of Neighbor Discovery Protocol (NDP) messages. An attacker on a non-local network could use this flaw to advertise a node as a router, allowing them to perform man-in-the-middle attacks on a connecting client, or disrupt the network connectivity of that client. • http://www.debian.org/security/2016/dsa-3581 http://www.openwall.com/lists/oss-security/2016/05/17/9 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html http://www.ubuntu.com/usn/USN-2980-1 https://github.com/jpirko/libndp/commit/2af9a55b38b55abbf05fd116ec097d4029115839 https://github.com/jpirko/libndp/commit/a4892df306e0532487f1634ba6d4c6d4bb381c7f https://rhn.redhat.com/errata/RHSA-2016-1086.html https://access.redhat.com/security/cve/CVE-2016-3698 https://bugzill • CWE-20: Improper Input Validation CWE-284: Improper Access Control •
CVE-2014-3554
https://notcve.org/view.php?id=CVE-2014-3554
Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement. Desbordamiento de buffer en la función ndp_msg_opt_dnssl_domain en libndp permite a routers remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un DNS Search List (DNSSL) manipulado en un IPv6 Router Advertisement. • http://www.openwall.com/lists/oss-security/2014/07/29/2 http://www.securityfocus.com/bid/68945 https://bugzilla.redhat.com/show_bug.cgi?id=1118583 https://exchange.xforce.ibmcloud.com/vulnerabilities/94927 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •