The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Racoon | Kame | * | * |
Red Hat Enterprise Linux 3 | RedHat | ipsec-tools-0:0.2.5-0.4 | * |
Ipsec-tools | Ubuntu | dapper | * |
Ipsec-tools | Ubuntu | devel | * |
Ipsec-tools | Ubuntu | edgy | * |
Ipsec-tools | Ubuntu | feisty | * |