Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: GLSA-200406-20 Normal: FreeS/WAN Certificate Handling Flaws

gentoo
Calendar Grey June 25, 2004
Dist Gentoo Esm H88
Uncover weaknesses in the certificate handling processes for FreeS/WAN, Openswan, and strongSwan on Gentoo platforms. Act promptly!
FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN contain two bugs when authenticating PKCS#7 certificates

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200406-20
                                            https://security.gentoo.org/

  Severity: Normal
     Title: FreeS/WAN, Openswan, strongSwan: Vulnerabilities in
            certificate handling
      Date: June 25, 2004
        ID: 200406-20


Synopsis
=======
FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN contain two bugs
when authenticating PKCS#7 certificates. This could allow an attacker
to authenticate with a fake certificate.

Background
=========
FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN are Open Source
implementations of IPsec for the Linux operating system. They are all
based on the discontinued FreeS/WAN project.

Affected packages
================
    -------------------------------------------------------------------
     Package                  /   Vulnerable   /            Unaffected
    -----------------------------------------------------------...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory Gentoo authentication issue IPsec FreeS/WAN certificate handling

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory Gentoo authentication issue IPsec FreeS/WAN certificate handling

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here