CERTA-2004-AVI-259
Vulnerability from certfr_avis
None
Description
KAME Racoon est le service chargé de négocier les associations de
sécurité (SA) pour IPSec (utilisation des protocoles ISAKMP et IKE).
KAME Racoon ne vérife pas correctement les signatures associées aux
certificats au format X.509. Il est alors possible pour un utilisateur
distant mal intentionné de s'authentifier et réaliser une connexion en
violation de la politique de sécurité.
Solution
La version 0.3.3 d'IPsec-tools corrige cette vulnérabilité.
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des
correctifs.
Versions d'IPsec-tools antérieures à 0.3.3.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eVersions d\u0027IPsec-tools ant\u00e9rieures \u00e0 0.3.3.\u003c/p\u003e",
"content": "## Description\n\nKAME Racoon est le service charg\u00e9 de n\u00e9gocier les associations de\ns\u00e9curit\u00e9 (SA) pour IPSec (utilisation des protocoles ISAKMP et IKE). \nKAME Racoon ne v\u00e9rife pas correctement les signatures associ\u00e9es aux\ncertificats au format X.509. Il est alors possible pour un utilisateur\ndistant mal intentionn\u00e9 de s\u0027authentifier et r\u00e9aliser une connexion en\nviolation de la politique de s\u00e9curit\u00e9.\n\n## Solution\n\nLa version 0.3.3 d\u0027IPsec-tools corrige cette vuln\u00e9rabilit\u00e9. \nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs.\n",
"cves": [],
"initial_release_date": "2004-07-30T00:00:00",
"last_revision_date": "2004-09-08T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200406-17 du 22 juin 2004 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200406-17.xml"
},
{
"title": "Site Internet d\u0027IPsec tools :",
"url": "http://sourceforge.net/projects/ipsec-tools"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2004:308 du 29 juillet 2004 :",
"url": "http://rhn.redhat.com/errata/RHSA-2004-308.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple du 07 septembre 2004 :",
"url": "http://docs.info.apple.com/article.html?artnum=61798"
}
],
"reference": "CERTA-2004-AVI-259",
"revisions": [
{
"description": "ajout de la r\u00e9f\u00e9rence CVE CAN-2004-0607.",
"revision_date": "2004-07-30T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Apple.",
"revision_date": "2004-09-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 de KAME Racoon",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 GLSA 200406-17 de Gentoo",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RHSA-2004:308 de Red Hat",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…