FreeBSD Ports: racoon

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2004:027)

A very serious security flaw was discovered by Ralf Spenneberg in racoon, the IKE daemon of the KAME-tools. Racoon does not very the RSA signature during phase one of a connection using either main or aggressive mode. Only the certificate of the client is verified, the certificate is not used to...

CVE-2004-0155

The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509...

CVE-2004-0155

Removed by vendor...

CVE-2004-0155

CVE-2004-0155 affects the KAME IKE daemon racoon (IPsec-tools). During Phase 1 RSA-signature authentication, racoon validates the X.509 certificate but does not verify the RSA signature, enabling a remote attacker who presents a valid, trusted X.509 cert to perform man-in-the-middle attacks or es...