Vulnerabilities

CVE-2004-0155

by Fred · 16/04/2004

The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate.

Date published : 2004-04-16

http://marc.info/?l=bugtraq&m=108369640424244&w=2

http://www.securityfocus.com/bid/10072

Related

Tags: Cybersecurity Alert