FreeBSD : strongswan -- Remote Authentication Bypass (6fb521b0-d388-11e3-a790-000c2980a9f3)
Medium Nessus Plugin ID 73857
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionstrongSwan developers report :
Remote attackers are able to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
Only installations that actively initiate or re-authenticate IKEv2 IKE_SAs are affected.
SolutionUpdate the affected package.