Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2004-0607HistoryDec 06, 2004 - 5:00 a.m.
CVE-2004-0607
2004-12-0605:00:00
Debian Security Bug Tracker
security-tracker.debian.org
7
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 9 | all | ipsec-tools | < 1:0.8.2+20140711-8+deb9u1 | ipsec-tools_1:0.8.2+20140711-8+deb9u1_all.deb |
Related
f5
f5
K15452143 : IPsec-Tools (racoon) vulnerability CVE-2004-0607
2018-03-12 00:00:00
cve
cve
CVE-2004-0607
2004-12-06 05:00:00
openvas
openvas
FreeBSD Ports: racoon
2008-09-04 00:00:00
FreeBSD Ports: racoon
2008-09-04 00:00:00
FreeBSD Ports: racoon
2008-09-04 00:00:00
redhat
redhat
(RHSA-2004:308) ipsec-tools security update
2004-07-29 00:00:00
nessus
nessus
RHEL 3 : ipsec-tools (RHSA-2004:308)
2004-07-30 00:00:00
GLSA-200406-17 : IPsec-Tools: authentication bug in racoon
2004-08-30 00:00:00
Mac OS X Multiple Vulnerabilities (Security Update 2004-09-07)
2004-09-08 00:00:00
gentoo
gentoo
IPsec-Tools: authentication bug in racoon
2004-06-22 00:00:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related for DEBIANCVE:CVE-2004-0607