Download
| Alert*
oval:org.secpod.oval:def:89045445
The strongswan package was updated to fix the following security issue: - CVE-2015-8023: Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin . oval:org.secpod.oval:def:702846 strongswan: IPsec VPN solution strongSwan could be made to bypass authentication. oval:org.secpod.oval:def:52628 strongswan: IPsec VPN solution strongSwan could be made to bypass authentication. oval:org.secpod.oval:def:602281 Tobias Brunner found an authentication bypass vulnerability in strongSwan, an IKE/IPsec suite. Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be tricked into successfully concluding the authentication without pr ... |