FreeBSD : strongswan -- authentication bypass vulnerability in the eap-mschapv2 plugin (3eb0ccc2-8c6a-11e5-8519-005056ac623e)
Medium Nessus Plugin ID 86889
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionStrongswan Release Notes reports :
Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin that was caused by insufficient verification of the internal state when handling MSCHAPv2 Success messages received by the client.
This vulnerability has been registered as CVE-2015-8023.
SolutionUpdate the affected package.