Detections
Analytics
Debian DSA-3282-1 : strongswan - security update
low Nessus Plugin ID 84026
Language:
Synopsis
The remote Debian host is missing a security-related update.Description
Alexander E. Patrakov discovered an issue in strongSwan, an IKE/IPsec suite used to establish IPsec protected links.When an IKEv2 client authenticates the server with certificates and the client authenticates itself to the server using pre-shared key or EAP, the constraints on the server certificate are only enforced by the client after all authentication steps are completed successfully.
A rogue server which can authenticate using a valid certificate issued by any CA trusted by the client could trick the user into continuing the authentication, revealing the username and password digest (for EAP) or even the cleartext password (if EAP-GTC is accepted).
Solution
Upgrade the strongswan packages.For the oldstable distribution (wheezy), this problem has been fixed in version 4.5.2-1.5+deb7u7.
For the stable distribution (jessie), this problem has been fixed in version 5.2.1-6+deb8u1.
See Also
https://packages.debian.org/source/wheezy/strongswan
Plugin Details
Severity: Low
ID: 84026
File Name: debian_DSA-3282.nasl
Version: 2.7
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 6/9/2015
Updated: 1/11/2021
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.2
CVSS v2
Risk Factor: Low
Base Score: 2.6
Temporal Score: 1.9
Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N
Vulnerability Information
CPE: p-cpe:/a:debian:debian_linux:strongswan, cpe:/o:debian:debian_linux:8.0, cpe:/o:debian:debian_linux:7.0
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Exploit Ease: No known exploits are available
Patch Publication Date: 6/8/2015
Reference Information
CVE: CVE-2015-4171
DSA: 3282