FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

racoon -- improper certificate handling

Affected packages
racoon < 20040818a

Details

VuXML ID 2328adef-157c-11d9-8402-000d93664d5c
Discovery 2004-01-31
Entry 2004-10-03

Thomas Walpuski noted when OpenSSL would detect an error condition for a peer certificate, racoon mistakenly ignored the error. This could allow five invalid certificate states to properly be used for authentication.

References

Message 20040614185623.GA10290@unproved.org
URL http://www.kame.net/racoon/racoon-ml/msg00517.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.