CVE-2014-2338

EPSS 0.32%

strongswan - security update

發布日:2014/4/16修改日:2026/4/28

描述

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.

受影響套件(2)

Debian/strongswanfrom 0, < 5.1.2-4
Debian/strongswanfrom 0, < 4.4.1-5.5

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-2338