FreeBSD : strongswan -- Remote Authentication Bypass (6fb521b0-d388-11e3-a790-000c2980a9f3)

Medium Nessus Plugin ID 73857


The remote FreeBSD host is missing a security-related update.


strongSwan developers report:

Remote attackers are able to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.

Only installations that actively initiate or re-authenticate IKEv2 IKE_SAs are affected.


Update the affected package.

Plugin Details

Severity: Medium

ID: 73857

File Name: freebsd_pkg_6fb521b0d38811e3a790000c2980a9f3.nasl

Version: $Revision: 1.1 $

Type: local

Published: 2014/05/05

Modified: 2014/05/05

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:strongswan, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2014/05/04

Vulnerability Publication Date: 2014/03/12

Reference Information

CVE: CVE-2014-2338