FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2004-06-30T04:00:00
Updated: 2024-08-08T00:24:27.001Z
Reserved: 2004-06-23T00:00:00
Link: CVE-2004-0590
Vulnrichment
No data.
NVD
Status : Modified
Published: 2004-12-06T05:00:00.000
Modified: 2024-11-20T23:48:55.497
Link: CVE-2004-0590
Redhat
No data.