CVE-2004-0607
published 2004-12-06

Priority: P343
Severity: critical, 10 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 5.44% (91.7th percentile)

The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.

Affected

14 ranges
Vendor        Product                    Version range   Fixed in
ipsec-tools   ipsec-tools
ipsec-tools   ipsec-tools
ipsec-tools   ipsec-tools
ipsec-tools   ipsec-tools
ipsec-tools   ipsec-tools
ipsec-tools   ipsec-tools
ipsec-tools   ipsec-tools
ipsec-tools   ipsec-tools
kame          racoon
kame          racoon
kame          racoon
kame          racoon
redhat        enterprise_linux
redhat        enterprise_linux_desktop

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v2.0      10.0    CRITICAL   AV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat             10.0    CRITICAL