KAME Racoon IDE Daemon X.509 Improper Certificate Verification Vulnerability

Racoon improperly validates X.509 certificates when negotiating IPSec connections.

When checking certificate validity, Racoon ignores many errors from OpenSSL and grants access to invalid certificates.

When ignoring these errors, Racoon allows improper certificates to be used when authenticating connections.

This vulnerability could allow attackers to forge certificates and potentially gain access to IPSec VPNs. This would also effectively make all certificates permanent.

It is unknown which versions of Racoon are vulnerable at this time.


Privacy Statement
Copyright 2010, SecurityFocus