The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote malicious users to bypass authentication.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ipsec-tools ipsec-tools 0.3 |
||
ipsec-tools ipsec-tools 0.3.1 |
||
kame racoon |
||
kame racoon 2003-07-11 |
||
ipsec-tools ipsec-tools 0.3.2 |
||
ipsec-tools ipsec-tools 0.3_rc1 |
||
kame racoon 2004-04-05 |
||
kame racoon 2004-04-07b |
||
ipsec-tools ipsec-tools 0.3_rc2 |
||
ipsec-tools ipsec-tools 0.3_rc3 |
||
kame racoon 2004-05-03 |
||
ipsec-tools ipsec-tools 0.3_rc4 |
||
ipsec-tools ipsec-tools 0.3_rc5 |
||
redhat enterprise linux 3.0 |
||
redhat enterprise linux desktop 3.0 |
Vulmon