Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 452
Alerts This Week
Warning Icon 1 452

Gentoo: GLSA 200404-05 High: ipsec-tools X.509 Connection Risk

gentoo
Calendar Grey April 7, 2004
Dist Gentoo Esm H88
Discover Gentoo's advisory GLSA 200404-05 highlighting a serious X.509 certificate vulnerability in ipsec-tools.
ipsec-tools contains a vulnerability that affects connections authenticated with X.509 certificates.

Summary

Gentoo Linux Security Advisory GLSA 200404-05 https://security.gentoo.org/ Severity: High Title: ipsec-tools contains an X.509 certificates vulnerability.
Date: April 07, 2004 Bugs: #47013 ID: 200404-05

Synopsis ======= ipsec-tools contains a vulnerability that affects connections authenticated with X.509 certificates.
Background ========= From :
"IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation."
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- net-firewall/ipsec-tools <= 0.2.4 >= 0.2.5
========== racoon (a utility in the ipsec-tools package) does not verify digital signatures on Phase1 packets. This means that anybody holding the correct X.509 cer...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround