Unrated severityNVD Advisory· Published Jun 1, 2004· Updated Apr 16, 2026
CVE-2004-0155
CVE-2004-0155
Description
The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- www.redhat.com/support/errata/RHSA-2004-165.htmlnvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/552398nvdUS Government Resource
- ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/SCOSA-2005.10.txtnvd
- marc.infonvd
- marc.infonvd
- secunia.com/advisories/11328nvd
- www.gentoo.org/security/en/glsa/glsa-200406-17.xmlnvd
- www.mandrakesecure.net/en/advisories/advisory.phpnvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/10072nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9291nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A945nvd
News mentions
0No linked articles in our index yet.