First published: Wed Jun 30 2004(Updated: )
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Frees Wan Frees Wan | =1 | |
Openswan Openswan | =2 | |
Frees Wan Frees Wan | =2 | |
Openswan Openswan | =1 | |
Frees Wan Super Frees Wan | =1 | |
Strongswan Strongswan | <=2.1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.