strongswan -- authentication bypass vulnerability in the eap-mschapv2 plugin
Strongswan Release Notes reports:
Fixed an authentication bypass vulnerability in the eap-mschapv2 plugin that
was caused by insufficient verification of the internal state when handling
MSCHAPv2 Success messages received by the client.
This vulnerability has been registered as CVE-2015-8023.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright