FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x prior to 1.0.6, openswan 2.x prior to 2.1.4, and strongSwan prior to 2.1.3, allows remote malicious users to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
frees wan frees wan 1 |
||
frees wan frees wan 2 |
||
frees wan super frees wan 1 |
||
openswan openswan 1 |
||
openswan openswan 2 |
||
strongswan strongswan |