CVE-CVE-2004-0607 | UNKNOWN Severity | CVEDatabase.com

Description

The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.

CVSS Metrics

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Access Vector: network
Access Cmplx: low
Auth: none
Confidentiality: complete
Integrity: complete
Availability: complete
Weaknesses: NVD-CWE-Other

Metadata

Primary Vendor: IPSEC-TOOLS
Published: 12/6/2004
Last Modified: 4/3/2025
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

ipsec-tools : ipsec-toolsipsec-tools : ipsec-toolsipsec-tools : ipsec-toolsipsec-tools : ipsec-toolsipsec-tools : ipsec-toolsipsec-tools : ipsec-toolsipsec-tools : ipsec-toolsipsec-tools : ipsec-toolskame : racoonkame : racoonkame : racoonkame : racoonkame : racoonredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linuxredhat : enterprise_linux_desktop

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD