strongswan: Authentication bypass vulnerability in eap-mschapv2 plugin (CVE-2015-8023) (#4875) · Issues · alpine / aports

strongswan: Authentication bypass vulnerability in eap-mschapv2 plugin (CVE-2015-8023)

An authentication bypass vulnerability in the eap-mschapv2 plugin was fixed that enabled malicious
clients to trick the server into concluding the EAP-MSCHAPv2 authentication successfully without
providing valid credentials, actually, without providing any credentials at all.
It was caused by insufficient verification of the internal state when handling EAP-MSCHAPv2 Success messages from clients.

Affected versions:

since 4.2.12, up to and including 5.3.3.

Fixed in:

5.3.4

References:

https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-%28cve-2015-8023%29.html
https://www.strongswan.org/blog/2015/11/16/strongswan-5.3.4-released.html
https://wiki.strongswan.org/projects/strongswan/wiki/Changelog53

(from redmine: issue id 4875, created on 2015-11-17, closed on 2015-12-08)

Relations:
- child #4876 (closed)
- child #4877 (closed)
- child #4878 (closed)
- child #4879 (closed)
- child #4880 (closed)

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information