CVE-2015-4171
Published: 8 June 2015
strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
Priority
Status
Package | Release | Status |
---|---|---|
strongswan Launchpad, Ubuntu, Debian |
precise |
Does not exist
(precise was needed)
|
trusty |
Released
(5.1.2-0ubuntu2.3)
|
|
upstream |
Needs triage
|
|
utopic |
Released
(5.1.2-0ubuntu3.3)
|
|
vivid |
Released
(5.1.2-0ubuntu5.2)
|
|
wily |
Released
(5.1.2-0ubuntu6)
|
|
xenial |
Released
(5.1.2-0ubuntu6)
|
|
yakkety |
Released
(5.1.2-0ubuntu6)
|
|
zesty |
Released
(5.1.2-0ubuntu6)
|