Bugtraq mailing list archives
[ GLSA 200406-17 ] IPsec-Tools: authentication bug in racoon
From: Thierry Carrez <koon () gentoo org>
Date: Tue, 22 Jun 2004 19:23:49 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200406-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: IPsec-Tools: authentication bug in racoon Date: June 22, 2004 Bugs: #53915 ID: 200406-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== racoon provided as part of IPsec-Tools fails do proper authentication. Background ========== IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-firewall/ipsec-tools < 0.3.3 >= 0.3.3 Description =========== The KAME IKE daemon racoon is used to authenticate peers during Phase 1 when using either preshared keys, GSS-API, or RSA signatures. When using RSA signatures racoon validates the X.509 certificate but not the RSA signature. Impact ====== By sending a valid and trusted X.509 certificate and any private key an attacker could exploit this vulnerability to perform man-in-the-middle attacks and initiate unauthorized connections. Workaround ========== There is no known workaround at this time. All users are encouraged to upgrade to the latest available version. Resolution ========== All IPsec-Tools users should upgrade to the latest stable version: # emerge sync # emerge -pv ">=net-firewall/ipsec-tools-0.3.3" # emerge ">=net-firewall/ipsec-tools-0.3.3" References ========== [ 1 ] IPsec-Tools Advisory http://ipsec-tools.sourceforge.net/x509sig.html Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200406-17.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security () gentoo org or alternatively, you may file a bug at http://bugs.gentoo.org. License ======= Copyright 2004 Gentoo Technologies, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/1.0 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA2GslvcL1obalX08RApYlAKCNdpQPaAa2pi5PTpQ3CZLD/at/3QCdH8ow 6d68DXn0JhhYvtVi3KjfeOE= =3zZa -----END PGP SIGNATURE-----
Current thread:
- [ GLSA 200406-17 ] IPsec-Tools: authentication bug in racoon Thierry Carrez (Jun 22)