• info
• discussion
• exploit
• solution
• references

KAME Racoon IDE Daemon X.509 Improper Certificate Verification Vulnerability

Solution:
Reportedly, this issue has been fixed in the Linux port of Racoon distributed with IPsec-tools.

Please see the referenced advisories for more information.


Apple Mac OS X 10.2.8

• Apple SecUpd2004-09-07JagClient.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=04717&plat form=osx&method=sa/SecUpd2004-09-07JagClient.dmg

Apple Mac OS X Server 10.2.8

• Apple SecUpdSrvr2004-09-07Jag.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=04716&plat form=osx&method=sa/SecUpdSrvr2004-09-07Jag.dmg

Apple Mac OS X Server 10.3.4

• Apple SecUpdSrvr2004-09-07PanL.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=04713&plat form=osx&method=sa/SecUpdSrvr2004-09-07PanL.dmg

Apple Mac OS X 10.3.4

• Apple SecUpd2004-09-07PanClient.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=04712&plat form=osx&method=sa/SecUpd2004-09-07PanClient.dmg

Apple Mac OS X Server 10.3.5

• Apple SecUpdSrvr2004-09-07PanM.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=04714&plat form=osx&method=sa/SecUpdSrvr2004-09-07PanM.dmg

Apple Mac OS X 10.3.5

• Apple SecUpd2004-09-07PanMClient.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=04715&plat form=osx&method=sa/SecUpd2004-09-07PanMClient.dmg

SCO Unixware 7.1.4

• SCO erg712650.pkg.Z
  ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/erg712650.pkg.Z


• SCO SCOSA-2005.10
  UnixWare 7.1.4
  ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10