[3.1] strongswan: Authentication bypass vulnerability in eap-mschapv2 plugin (CVE-2015-8023)
An authentication bypass vulnerability in the eap-mschapv2 plugin was
fixed that enabled malicious
clients to trick the server into concluding the EAP-MSCHAPv2
authentication successfully without
providing valid credentials, actually, without providing any credentials
at all.
It was caused by insufficient verification of the internal state when
handling EAP-MSCHAPv2 Success messages from clients.
Affected versions:
since 4.2.12, up to and including 5.3.3.
Fixed in:
5.3.4
References:
https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html
https://www.strongswan.org/blog/2015/11/16/strongswan-5.3.4-released.html
https://wiki.strongswan.org/projects/strongswan/wiki/Changelog53
(from redmine: issue id 4878, created on 2015-11-17, closed on 2015-12-08)
- Relations:
- parent #4875 (closed)
- Changesets:
- Revision e5f15c5c on 2015-12-04T07:15:35Z:
main/strongswan: security fix CVE-2015-8023. Fixes #4878