Oval Definition:	oval:com.ubuntu.precise:def:20158023000
Revision Date: 2015-11-18 Version: 1 Title: CVE-2015-8023 on Ubuntu 12.04 LTS (precise) - medium. Description: The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message. Family: unix Class: vulnerability Status: Reference(s): CVE-2015-8023 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND The 'strongswan' package in precise is affected and needs fixing.
BACK