FreeBSD : strongswan -- Remote Authentication Bypass (6fb521b0-d388-11e3-a790-000c2980a9f3)

medium Nessus Plugin ID 73857

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

strongSwan developers report:

Remote attackers are able to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.

Only installations that actively initiate or re-authenticate IKEv2 IKE_SAs are affected.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?841e5e2e

http://www.nessus.org/u?1080946b

Plugin Details

Severity: Medium

ID: 73857

File Name: freebsd_pkg_6fb521b0d38811e3a790000c2980a9f3.nasl

Version: 1.4

Type: local

Published: 5/5/2014

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.0

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:strongswan, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 5/4/2014

Vulnerability Publication Date: 3/12/2014

Reference Information

CVE: CVE-2014-2338