Lucene search
UbuntuUSN-2811-1HistoryNov 16, 2015 - 12:00 a.m.
strongSwan vulnerability
2015-11-1600:00:00
ubuntu.com
31
7.6 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
76.9%
Releases
- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 ESM
Packages
- strongswan - IPsec VPN solution
Details
It was discovered that the strongSwan eap-mschapv2 plugin incorrectly
handled state. A remote attacker could use this issue to bypass
authentication.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 15.10 | noarch | strongswan-plugin-eap-mschapv2 | < 5.1.2-0ubuntu6.2 | UNKNOWN |
| Ubuntu | 15.10 | noarch | libstrongswan | < 5.1.2-0ubuntu6.2 | UNKNOWN |
| Ubuntu | 15.10 | noarch | libstrongswan-dbgsym | < 5.1.2-0ubuntu6.2 | UNKNOWN |
| Ubuntu | 15.10 | noarch | strongswan | < 5.1.2-0ubuntu6.2 | UNKNOWN |
| Ubuntu | 15.10 | noarch | strongswan-dbg | < 5.1.2-0ubuntu6.2 | UNKNOWN |
| Ubuntu | 15.10 | noarch | strongswan-ike | < 5.1.2-0ubuntu6.2 | UNKNOWN |
| Ubuntu | 15.10 | noarch | strongswan-ike-dbgsym | < 5.1.2-0ubuntu6.2 | UNKNOWN |
| Ubuntu | 15.10 | noarch | strongswan-ikev1 | < 5.1.2-0ubuntu6.2 | UNKNOWN |
| Ubuntu | 15.10 | noarch | strongswan-ikev2 | < 5.1.2-0ubuntu6.2 | UNKNOWN |
| Ubuntu | 15.10 | noarch | strongswan-nm | < 5.1.2-0ubuntu6.2 | UNKNOWN |
References
Related
prion
prion
Authentication flaw
2015-11-18 16:59:00
nessus
nessus
Ubuntu 14.04 LTS : strongSwan vulnerability (USN-2811-1)
2015-11-17 00:00:00
SUSE SLED11 / SLES11 Security Update : strongswan (SUSE-SU-2015:2186-1)
2015-12-04 00:00:00
openSUSE Security Update : strongswan (openSUSE-2015-810)
2015-11-30 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-345-1)
2023-03-08 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:2183-1)
2021-04-19 00:00:00
Debian Security Advisory DSA 3398-1 (strongswan - security update)
2015-11-16 00:00:00
ubuntucve
ubuntucve
CVE-2015-8023
2015-11-16 00:00:00
suse
suse
Security update for strongswan (important)
2015-12-21 23:10:52
cve
cve
CVE-2015-8023
2015-11-18 16:59:00
debian
debian
[SECURITY] [DSA 3398-1] strongswan security update
2015-11-16 13:14:07
[SECURITY] [DLA 345-1] strongswan security update
2015-11-19 12:46:30
ibm
ibm
freebsd
freebsd
strongswan -- authentication bypass vulnerability in the eap-mschapv2 plugin
2015-11-16 00:00:00
debiancve
debiancve
CVE-2015-8023
2015-11-18 16:59:00
7.6 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
76.9%
Related for USN-2811-1