CERTA-2004-AVI-259
Vulnerability from certfr_avis - Published: 2004-07-30 - Updated: 2004-09-08None
Description
KAME Racoon est le service chargé de négocier les associations de
sécurité (SA) pour IPSec (utilisation des protocoles ISAKMP et IKE).
KAME Racoon ne vérife pas correctement les signatures associées aux
certificats au format X.509. Il est alors possible pour un utilisateur
distant mal intentionné de s'authentifier et réaliser une connexion en
violation de la politique de sécurité.
Solution
La version 0.3.3 d'IPsec-tools corrige cette vulnérabilité.
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des
correctifs.
Versions d'IPsec-tools antérieures à 0.3.3.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cp\u003eVersions d\u0027IPsec-tools ant\u00e9rieures \u00e0 0.3.3.\u003c/p\u003e",
"content": "## Description\n\nKAME Racoon est le service charg\u00e9 de n\u00e9gocier les associations de\ns\u00e9curit\u00e9 (SA) pour IPSec (utilisation des protocoles ISAKMP et IKE). \nKAME Racoon ne v\u00e9rife pas correctement les signatures associ\u00e9es aux\ncertificats au format X.509. Il est alors possible pour un utilisateur\ndistant mal intentionn\u00e9 de s\u0027authentifier et r\u00e9aliser une connexion en\nviolation de la politique de s\u00e9curit\u00e9.\n\n## Solution\n\nLa version 0.3.3 d\u0027IPsec-tools corrige cette vuln\u00e9rabilit\u00e9. \nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs.\n",
"cves": [],
"initial_release_date": "2004-07-30T00:00:00",
"last_revision_date": "2004-09-08T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200406-17 du 22 juin 2004 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200406-17.xml"
},
{
"title": "Site Internet d\u0027IPsec tools :",
"url": "http://sourceforge.net/projects/ipsec-tools"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2004:308 du 29 juillet 2004 :",
"url": "http://rhn.redhat.com/errata/RHSA-2004-308.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Apple du 07 septembre 2004 :",
"url": "http://docs.info.apple.com/article.html?artnum=61798"
}
],
"reference": "CERTA-2004-AVI-259",
"revisions": [
{
"description": "ajout de la r\u00e9f\u00e9rence CVE CAN-2004-0607.",
"revision_date": "2004-07-30T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Apple.",
"revision_date": "2004-09-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 de KAME Racoon",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 GLSA 200406-17 de Gentoo",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 RHSA-2004:308 de Red Hat",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…