<vuln vid="9e3e5d6f-8c5b-11e5-9930-00167671dd1d">

    <topic>strongSwan -- eap-mschapv2 plugin authentication bypass vulnerability</topic>

    <affects>

      <package>

	<name>strongswan</name>

	<range><lt>5.3.4</lt></range>

      </package>

    </affects>

    <description>

      <body xmlns="http://www.w3.org/1999/xhtml">

	<p>strongSwan security team reports:</p>

	  <blockquote cite="https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html">

	    <p>Affected are IKEv2 connections that use EAP-MSCHAPv2 to authenticate clients via our own eap-mschapv2 plugin.  It doesn't matter if it is used directly (rightauth=eap-mschapv2) or tunneled in EAP-PEAP or EAP-TTLS (rightauth=eap-peap|ttls and phase2_method = mschapv2) or if the eap-dynamic plugin is used (rightauth=eap-dynamic) with the eap-mschapv2 plugin being loaded.</p>

	    <p>Installations that use RADIUS to provide EAP-MSCHAPv2 authentication to their clients (rightauth=eap-radius) are not affected (provided the RADIUS server's EAP-MSCHAPv2 implementation is correct).</p>

	    <p>Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be tricked into successfully concluding the authentication without providing valid credentials.  In fact, the client can simply send the last message in the process described above (i.e. an empty Success message) as response to the server's Challenge message to pass the EAP-MSCHAPv2 authentication successfully.</p>

	</blockquote>

      </body>

    </description>

    <references>

	<cvename>CVE-2015-8023</cvename>

    </references>

    <dates>

      <discovery>2015-11-05</discovery>

      <entry>2015-11-16</entry>

    </dates>

  </vuln>