FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

strongswan -- Remote Authentication Bypass

Affected packages
strongswan < 5.1.3


VuXML ID 6fb521b0-d388-11e3-a790-000c2980a9f3
Discovery 2014-03-12
Entry 2014-05-04

strongSwan developers report:

Remote attackers are able to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.

Only installations that actively initiate or re-authenticate IKEv2 IKE_SAs are affected.


CVE Name CVE-2014-2338