[strongSwan] CVE-2015-4171

Noel Kuntze noel at familie-kuntze.de
Thu Jun 18 01:22:15 CEST 2015 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello Yordanos,

As the native Windows 7 Agile VPN client are different products by different
companies and it shares no code with strongSwan, that software is not
impacted by the referenced CVE. The CVE only applies to strongswan
when used as initiator of an IKEv2 connection that uses EAP or PSK to authenticate itself
against a remote peer.

Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

Am 18.06.2015 um 00:48 schrieb yordanos beyene:
> Hello Noel,
>
> Yes, I mean the native Windos7 Agile VPN client.
>
> Yordanos.
>
> On Wed, Jun 17, 2015 at 3:36 PM, Noel Kuntze <noel at familie-kuntze.de <mailto:noel at familie-kuntze.de>> wrote:
>
>
> Hello Yordanos,
>
> Do you refer to the native VPN client in Windows 7?
>
> Mit freundlichen Grüßen/Kind Regards,
> Noel Kuntze
>
> GPG Key ID: 0x63EC6658
> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
>
> Am 18.06.2015 um 00:35 schrieb yordanos beyene:
>
> > Hello Strongswan team,
>
> > I appreciate if any one can confirm if strongSwan Vulnerability (CVE-2015-4171) that causes user credentials leak impacts Windows7 VPN clients.
>
> > Regards,
> > Yordanos.
>
>
> > _______________________________________________
> > Users mailing list
> > Users at lists.strongswan.org <mailto:Users at lists.strongswan.org>
> > https://lists.strongswan.org/mailman/listinfo/users
>
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJVggElAAoJEDg5KY9j7GZYx40P/iqW9RiY4YPdLcBor5AWovzP
i/If74q8BWy73p3exQMJ95UDjScY7KCFYW5acnQGeeoSY+X59DfM4JbhKwTESpOC
39Q61JfIReBVXTYNeGN23fxnVfnaXLZ3189jLqyA4V7+Mb2p864w9KV6DNAlrfZs
c+vJ69BrIVpPk/cwqauuliT2LG1S2Kg2VBi3uCI0EZ4A9UFIUJhOsTNzTi6Sb6IF
L3wHi+PVzlIXB1VHoQHp9v07O8jw31PLutOhMCFe0nbqH4F2wkaJFMj9j5zmGjdR
8hTc92lUCaUGliQdevZGmJdD5pO5FzTlr4kznKAWgn06SmbgtHZyQZAFqkokMxJa
h2TfyoG0Oyck+O2HCUPscfVNPeRDU0drafCj5WEcoCTNStAxjqnL0tadl70r/iCb
FCkh34mlDp2z2qH/rD/BdP78ZjdWSf0KKzWeZKw1yev+WAqr5AIyMWblF5OTXFY1
i+fJYIstIqX++H5c8sdkxHvm9FFZprRp7nDsyslk0klJRP5Iqs9/vNI/pNpMSf6i
8eEyBfV4ehUHbCqWwIytqKbIjDAXVnuaxLpKQPL1ONF8/1iRHH2mqAlIp1HaCTe5
IxMXl5FYu+yg4ZeeKsD082rdGJ8CAZOGE5YMxhgdYjctIzhPaxWLUvimWG6/SW4c
akP9e5fJeQKdf207gh+F
=5bZf
-----END PGP SIGNATURE-----

More information about the Users mailing list