FreeBSD Bugzilla – Attachment 163193 Details for Bug 204597: security/strongswan: Update to 5.3.4 [CVE-2015-8023]
[patch]
Update for security/vuxml to add CVE-2015-8023
Filename: strongswan-5.3.4-CVE-2015-8023-vuxml.diff
MIME Type: text/plain
Creator: Francois ten Krooden
Created: 2015-11-16 13:38:44 UTC
Size: 2.08 KB
Flags: patch, obsolete
>Index: vuln.xml >=================================================================== >--- vuln.xml (revision 401758) >+++ vuln.xml (working copy) 
>@@ -58,6 +58,33 @@ > > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="9e3e5d6f-8c5b-11e5-9930-00167671dd1d"> >+ <topic>strongSwan -- eap-mschapv2 plugin authentication bypass vulnerability</topic> >+ <affects> >+ <package> >+ <name>strongswan</name> >+ <range><lt>5.3.4</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>strongSwan security team reports:</p> >+ <blockquote cite="https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html"> >+ <p>Affected are IKEv2 connections that use EAP-MSCHAPv2 to authenticate clients via our own eap-mschapv2 plugin. It doesn't matter if it is used directly (rightauth=eap-mschapv2) or tunneled in EAP-PEAP or EAP-TTLS (rightauth=eap-peap|ttls and phase2_method = mschapv2) or if the eap-dynamic plugin is used (rightauth=eap-dynamic) with the eap-mschapv2 plugin being loaded.</p> >+ <p>Installations that use RADIUS to provide EAP-MSCHAPv2 authentication to their clients (rightauth=eap-radius) are not affected (provided the RADIUS server's EAP-MSCHAPv2 implementation is correct).</p> >+ <p>Due to insufficient validation of its local state the server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin can be tricked into successfully concluding the authentication without providing valid credentials. In fact, the client can simply send the last message in the process described above (i.e. an empty Success message) as response to the server's Challenge message to pass the EAP-MSCHAPv2 authentication successfully.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2015-8023</cvename> >+ </references> >+ <dates> >+ <discovery>2015-11-05</discovery> >+ <entry>2015-11-16</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="82b3ca2a-8c07-11e5-bd18-002590263bf5"> > <topic>moodle -- multiple vulnerabilities</topic> > <affects>
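Review bot: in the new `<vuln>` block the strongSwan advisory URL appears only as the `cite` attribute of the `<blockquote>` and is missing from `<references>`; VuXML entries list the vendor advisory as a `<url>` element next to `<cvename>` so it is rendered with the entry, so add `<url>https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html</url>` inside `<references>`. The third quoted paragraph also refers to "the last message in the process described above", but the paragraph of the advisory that describes the EAP-MSCHAPv2 exchange is not part of the excerpt, so either quote that paragraph as well or trim the phrase so the entry reads on its own. The `<range><lt>5.3.4</lt></range>` is consistent with the port update in the bug title, and the `<discovery>`/`<entry>` dates match the advisory date and the attachment date.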
Attachments on bug 204597: 163192 | 163193