Remote Server Authentication Flaw in strongSwan VPN Client and Server
CVE-2015-4171

Currently unrated

Key Information:

Vendor: strongSwan

CVE Published: 10 June 2015

What is CVE-2015-4171?

The strongSwan VPN Client and Server, in versions prior to 5.3.2 and 1.4.6 respectively, have a significant vulnerability in the IKEv2 connection process. When EAP or pre-shared keys are used for authentication, server authentication controls are not enforced until the entire authentication cycle has been finalized. A malicious remote server that presents a legitimate certificate can therefore obtain responses from the client or server and potentially extract sensitive credentials from them, exposing users to unauthorized access and data breaches.
