Vulnerability Name: CVE-2004-0607 (CCN-16414)
Assigned: 2004-06-14
Published: 2004-06-14
Updated: 2017-10-11
Summary: The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.
CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Bypass Security
References:
Source: CCN Type: SCO Security Advisory SCOSA-2005.10
Source: SCO Type: UNKNOWN SCOSA-2005.10
Source: CCN Type: BugTraq Mailing List, Tue Jun 15 2004 - 10:17:25 CDT Re: authentication bug in KAME's racoon
Source: CCN Type: Full-Disclosure Mailing List, Mon Jun 14 2004 - 13:55:11 CDT authentication bug in KAME's racoon
Source: MITRE Type: CNA CVE-2004-0607
Source: CCN Type: Ipsec-Tools Web page IPsec-Tools Homepage
Source: BUGTRAQ Type: UNKNOWN 20040614 authentication bug in KAME's racoon
Source: BUGTRAQ Type: UNKNOWN 20040615 Re: authentication bug in KAME's racoon
Source: CCN Type: RHSA-2004-308 ipsec-tools security update
Source: CCN Type: SA11863 KAME Racoon X.509 Certificate Validation Vulnerability
Source: SECUNIA Type: UNKNOWN 11863
Source: CCN Type: SA11877 IPsec-Tools Denial of Service and Certificate Validation Vulnerabilities
Source: SECUNIA Type: UNKNOWN 11877
Source: GENTOO Type: Patch, Vendor Advisory GLSA-200406-17
Source: CCN Type: SECTRACK ID: 1010495 KAME Racoon May Validate Invalid Certificates
Source: SECTRACK Type: UNKNOWN 1010495
Source: CCN Type: IPsec Tools Release Notes Web page Project: Linux IPsec Tools: Release Notes
Source: CONFIRM Type: UNKNOWN http://sourceforge.net/project/shownotes.php?release_id=245982
Source: CCN Type: CIAC Information Bulletin O-212 Apple Security Update
Source: CCN Type: GLSA-200406-17 IPsec-Tools: authentication bug in racoon
Source: CCN Type: GLSA 200406-17 IPsec-Tools: authentication bug in racoon
Source: OSVDB Type: UNKNOWN 7113
Source: CCN Type: OSVDB ID: 7113 KAME Racoon X.509 Invalid Certificate Validation
Source: REDHAT Type: UNKNOWN RHSA-2004:308
Source: BID Type: Vendor Advisory 10546
Source: CCN Type: BID-10546 KAME Racoon IKE Daemon X.509 Improper Certificate Verification Vulnerability
Source: XF Type: UNKNOWN racoon-eaycheckx509cert-auth-bypass(16414)
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:9163
Vulnerable Configuration: Configuration 1: Configuration 2: Configuration RedHat 1: