[SECURITY] [DSA 2903-1] strongswan security update

2014-04-1415:01:29

lists.debian.org

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.017

Percentile

87.8%

JSON

Debian Security Advisory DSA-2903-1 [email protected]
http://www.debian.org/security/ Yves-Alexis Perez
April 14, 2014 http://www.debian.org/security/faq

Package : strongswan
CVE ID : CVE-2014-2338

An authentication bypass vulnerability was found in charon, the daemon
handling IKEv2 in strongSwan, an IKE/IPsec suite. The state machine
handling the security association (IKE_SA) handled some state transitions
incorrectly.

An attacker can trigger the vulnerability by rekeying an unestablished
IKE_SA during the initiation itself. This will trick the IKE_SA state to
'established' without the need to provide any valid credential.

Vulnerable setups include those actively initiating IKEv2 IKE_SA (like
”clients” or “roadwarriors”) but also during re-authentication (which
can be initiated by the responder). Installations using IKEv1 (pluto
daemon in strongSwan 4 and earlier, and IKEv1 code in charon 5.x) is not
affected.

For the oldstable distribution (squeeze), this problem has been fixed in
version 4.4.1-5.5.

For the stable distribution (wheezy), this problem has been fixed in
version 4.5.2-1.5+deb7u3.

For the unstable distribution (sid), this problem has been fixed in
version 5.1.2-4.

We recommend that you upgrade your strongswan packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian6mipsstrongswan-dbg< 4.4.1-5.5strongswan-dbg_4.4.1-5.5_mips.deb
Debian6i386strongswan-starter< 4.4.1-5.5strongswan-starter_4.4.1-5.5_i386.deb
Debian7amd64strongswan-ikev2< 4.5.2-1.5+deb7u3strongswan-ikev2_4.5.2-1.5+deb7u3_amd64.deb
Debian7mipsstrongswan-dbg< 4.5.2-1.5+deb7u3strongswan-dbg_4.5.2-1.5+deb7u3_mips.deb
Debian6amd64strongswan-nm< 4.4.1-5.5strongswan-nm_4.4.1-5.5_amd64.deb
Debian6amd64strongswan-ikev2< 4.4.1-5.5strongswan-ikev2_4.4.1-5.5_amd64.deb
Debian7sparclibstrongswan< 4.5.2-1.5+deb7u3libstrongswan_4.5.2-1.5+deb7u3_sparc.deb
Debian6armelstrongswan-ikev1< 4.4.1-5.5strongswan-ikev1_4.4.1-5.5_armel.deb
Debian7s390libstrongswan< 4.5.2-1.5+deb7u3libstrongswan_4.5.2-1.5+deb7u3_s390.deb
Debian7mipsellibstrongswan< 4.5.2-1.5+deb7u3libstrongswan_4.5.2-1.5+deb7u3_mipsel.deb

OS	Version	Architecture	Package	Version	Filename
Debian	6	mips	strongswan-dbg	< 4.4.1-5.5	strongswan-dbg_4.4.1-5.5_mips.deb
Debian	6	i386	strongswan-starter	< 4.4.1-5.5	strongswan-starter_4.4.1-5.5_i386.deb
Debian	7	amd64	strongswan-ikev2	< 4.5.2-1.5+deb7u3	strongswan-ikev2_4.5.2-1.5+deb7u3_amd64.deb
Debian	7	mips	strongswan-dbg	< 4.5.2-1.5+deb7u3	strongswan-dbg_4.5.2-1.5+deb7u3_mips.deb
Debian	6	amd64	strongswan-nm	< 4.4.1-5.5	strongswan-nm_4.4.1-5.5_amd64.deb
Debian	6	amd64	strongswan-ikev2	< 4.4.1-5.5	strongswan-ikev2_4.4.1-5.5_amd64.deb
Debian	7	sparc	libstrongswan	< 4.5.2-1.5+deb7u3	libstrongswan_4.5.2-1.5+deb7u3_sparc.deb
Debian	6	armel	strongswan-ikev1	< 4.4.1-5.5	strongswan-ikev1_4.4.1-5.5_armel.deb
Debian	7	s390	libstrongswan	< 4.5.2-1.5+deb7u3	libstrongswan_4.5.2-1.5+deb7u3_s390.deb
Debian	7	mipsel	libstrongswan	< 4.5.2-1.5+deb7u3	libstrongswan_4.5.2-1.5+deb7u3_mipsel.deb