Racoon IKE Daemon Unauthorized X.509 Certificate Connection Vulnerability

Racoon IKE Daemon Unauthorized X.509 Certificate Connection Vulnerability

An attacker may exploit this issue using the racoon daemon itself by setting the following configuration option:

certificate_type x509 certificate badprivatekey;

(where 'badprivatekey' equals an arbitrary private key for the certificate)

The attacker can then make an unauthorized connection.