[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[suse-security] "brain dead" cert. verification kame



Hi,

seems racoon doesn't check properly for valid x509 certs (BID 10546).
Are
Suse 9.1 IPsec tools vulnerable? I haven't looked into the relevant
portion of code yet, but it looks like it is. Bugtraq recommends an
upgrade to 0.3.3 .


Cheers,
       Dirk Wetter




	
		
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail 

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here