The KAME Racoon IKE daemon fails to properly verify client RSA signatures when using Main or Aggressive Mode during a Phase 1 IKE exchange.
Racoon is an IKE Key Management daemon that negotiates and configures a set of parameters for IPSec. When authenticating a peer in Phase 1 of an IKE exchange, Racoon can use pre-shared keys, RSA signatures, or GSS-API. When using RSA signatures for authentication, Racoon validates the X.509 certificate, but fails to verify the client RSA signature.
An attacker with access to a trusted X.509 certificate can conduct a man-in-the-middle attack or establish an authenticated IPSec connection using any private key to generate the RSA signature.
Apply a patch as specified by your vendor. If a patch is unavailable, KAME has released a patch that is available in their CVS repository at:
This vulnerability was reported by Ralf Spenneberg.
This document was written by Damon Morda.
|Date First Published:||2004-04-09|
|Date Last Updated:||2004-04-09 20:43 UTC|