Vulnerability in Kame Racoon
CVE-2004-0155
The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct…
EPSS: 0.036 (88.0th percentile) — read the EPSS interpretation.
Affected products
- Kame Racoon
- N/a — versions n/a
References
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
- cve@mitre.org (vendor-advisory, x_refsource_APPLE)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (vendor-advisory, x_refsource_GENTOO)
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (US Government Resource, x_refsource_CERT-VN, third-party-advisory)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)