CVE-2004-0607

Name of the Vulnerable Software and Affected Versions KAME Racoon (affected versions not specified) ipsec-tools versions prior to 0.3.3

Description The issue allows remote attackers to bypass authentication due to the eay check x509cert function in KAME Racoon successfully verifying certificates even when OpenSSL validation fails. Multiple vulnerabilities in the ipsec-tools package can lead to breaches of confidentiality, integrity, and availability of protected information, and these vulnerabilities can be exploited remotely.

Recommendations For KAME Racoon, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For ipsec-tools versions prior to 0.3.3, update to version 0.3.3 or later to resolve the issue.