Read Time:12 Second
Zhuowei Zhang discovered a bug in the EAP authentication client code of
strongSwan, an IKE/IPsec suite, that may allow to bypass the client and in some
scenarios even the server authentication, or could lead to a denial-of-service
attack.