CVE-2014-2338
Published: 16 April 2014
IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
Priority
Status
Package | Release | Status |
---|---|---|
strongswan Launchpad, Ubuntu, Debian |
vivid |
Released
(5.1.2-0ubuntu2)
|
wily |
Released
(5.1.2-0ubuntu2)
|
|
xenial |
Released
(5.1.2-0ubuntu2)
|
|
yakkety |
Released
(5.1.2-0ubuntu2)
|
|
zesty |
Released
(5.1.2-0ubuntu2)
|
|
lucid |
Ignored
(end of life)
|
|
precise |
Ignored
(end of life)
|
|
quantal |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Released
(5.1.2-0ubuntu2)
|
|
upstream |
Released
(5.1.2-4)
|
|
utopic |
Released
(5.1.2-0ubuntu2)
|