strongswan

• Author: kikadf
• Vulnerable: 5.0.1-1
• Unaffected: 5.0.1-2arcturus1

A vulnerability has been found in the ASN.1 parser of strongSwan, an IKE daemon used to establish IPsec protected links. An authentication bypass vulnerability was found in charon, the daemon handling IKEv2 in strongSwan, an IKE/IPsec suite. The state machine handling the security association (IKE_SA) handled some state transitions incorrectly.

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5018
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6075
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2338