Overview
The KAME Racoon IKE daemon fails to properly verify client RSA signatures when using Main or Aggressive Mode during a Phase 1 IKE exchange.
Description
Racoon is an IKE Key Management daemon that negotiates and configures a set of parameters for IPSec. When authenticating a peer in Phase 1 of an IKE exchange, Racoon can use pre-shared keys, RSA signatures, or GSS-API. When using RSA signatures for authentication, Racoon validates the X.509 certificate, but fails to verify the client RSA signature. |
Impact
An attacker with access to a trusted X.509 certificate can conduct a man-in-the-middle attack or establish an authenticated IPSec connection using any private key to generate the RSA signature. |
Solution
Apply Patch Apply a patch as specified by your vendor. If a patch is unavailable, KAME has released a patch that is available in their CVS repository at: |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://ipsec-tools.sourceforge.net/x509sig.html
- http://www.kame.net/racoon/
- http://www.kame.net/dev/cvsweb2.cgi/kame/kame/kame/racoon/crypto_openssl.c.diff?r1=1.83&r2=1.84
- http://vuxml.freebsd.org/d8769838-8814-11d8-90d1-0020ed76ef5a.html
- http://secunia.com/advisories/11328/
- http://forums.gentoo.org/viewtopic.php?t=158550
Acknowledgements
This vulnerability was reported by Ralf Spenneberg.
This document was written by Damon Morda.
Other Information
| CVE IDs: | CVE-2004-0155 |
| Severity Metric: | 8.58 |
| Date Public: | 2004-04-07 |
| Date First Published: | 2004-04-09 |
| Date Last Updated: | 2004-04-09 20:43 UTC |
| Document Revision: | 27 |