CVE-2004-0607

Current Description

The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.

Basic Data

PublishedDecember 06, 2004
Last ModifiedOctober 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationIpsec-toolsIpsec-tools0.3*******
    2.3ApplicationIpsec-toolsIpsec-tools0.3.1*******
    2.3ApplicationIpsec-toolsIpsec-tools0.3.2*******
    2.3ApplicationIpsec-toolsIpsec-tools0.3_rc1*******
    2.3ApplicationIpsec-toolsIpsec-tools0.3_rc2*******
    2.3ApplicationIpsec-toolsIpsec-tools0.3_rc3*******
    2.3ApplicationIpsec-toolsIpsec-tools0.3_rc4*******
    2.3ApplicationIpsec-toolsIpsec-tools0.3_rc5*******
    2.3ApplicationKameRacoon********
    2.3ApplicationKameRacoon2003-07-11*******
    2.3ApplicationKameRacoon2004-04-05*******
    2.3ApplicationKameRacoon2004-04-07b*******
    2.3ApplicationKameRacoon2004-05-03*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSRedhatEnterprise Linux3.0*advanced_servers*****
    2.3OSRedhatEnterprise Linux3.0*enterprise_server*****
    2.3OSRedhatEnterprise Linux3.0*workstation*****
    2.3OSRedhatEnterprise Linux Desktop3.0*******

Vulnerable Software List

VendorProductVersions
Kame Racoon *, 2003-07-11, 2004-04-05, 2004-04-07b, 2004-05-03
Redhat Enterprise Linux 3.0
Redhat Enterprise Linux Desktop 3.0
Ipsec-tools Ipsec-tools 0.3, 0.3.1, 0.3.2, 0.3_rc1, 0.3_rc2, 0.3_rc3, 0.3_rc4, 0.3_rc5

References

NameSourceURLTags
SCOSA-2005.10ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/SCOSA-2005.10.txtSCO
20040614 authentication bug in KAME's racoonhttp://marc.info/?l=bugtraq&m=108726102304507&w=2BUGTRAQ
20040615 Re: authentication bug in KAME's racoonhttp://marc.info/?l=bugtraq&m=108731967126033&w=2BUGTRAQ
11863http://secunia.com/advisories/11863SECUNIA
11877http://secunia.com/advisories/11877SECUNIA
GLSA-200406-17http://security.gentoo.org/glsa/glsa-200406-17.xmlGENTOOPATCH Vendor Advisory
1010495http://securitytracker.com/id?1010495SECTRACK
http://sourceforge.net/project/shownotes.php?release_id=245982http://sourceforge.net/project/shownotes.php?release_id=245982CONFIRM
7113http://www.osvdb.org/7113OSVDB
RHSA-2004:308http://www.redhat.com/support/errata/RHSA-2004-308.htmlREDHAT
10546http://www.securityfocus.com/bid/10546BIDVendor Advisory
racoon-eaycheckx509cert-auth-bypass(16414)https://exchange.xforce.ibmcloud.com/vulnerabilities/16414XF
oval:org.mitre.oval:def:9163https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9163OVAL