Explore top 10 tips to secure your open-source projects now. Read More
×Gentoo Linux Security Advisory GLSA 200404-05
https://security.gentoo.org/
Severity: High
Title: ipsec-tools contains an X.509 certificates vulnerability.
Date: April 07, 2004
Bugs: #47013
ID: 200404-05
Synopsis
=======
ipsec-tools contains a vulnerability that affects connections
authenticated with X.509 certificates.
Background
=========
From :
"IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec
implementation."
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
net-firewall/ipsec-tools <= 0.2.4 >= 0.2.5
==========
racoon (a utility in the ipsec-tools package) does not verify digital
signatures on Phase1 packets. This means that anybody holding the
correct X.509 cer...
style>.gentoo_availability{display:block;}
Get the latest Linux and open source security news straight to your inbox.