oval:org.mitre.oval:def:945

Definition Id: oval:org.mitre.oval:def:945

Oval ID:	oval:org.mitre.oval:def:945
Title:	Racoon IKE Daemon Unauthorized X.509 Certificate Connection Vulnerability
Description:	The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0155	Version:	4
Platform(s):	Red Hat Enterprise Linux 3	Product(s):
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND ix86 architecture AND ipsec-tools version is less than 0.2.5-0.4 AND Configuration section racoon is listening on the network