CVE-2004-0155
Priority
Untriaged
Description
The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1,
validates the X.509 certificate but does not verify the RSA signature
authentication, which allows remote attackers to establish unauthorized IP
connections or conduct man-in-the-middle attacks using a valid, trusted
X.509 certificate.
validates the X.509 certificate but does not verify the RSA signature
authentication, which allows remote attackers to establish unauthorized IP
connections or conduct man-in-the-middle attacks using a valid, trusted
X.509 certificate.