← Back

CVE-2004-0590

nvd nist
Published: Dec 6, 2004Modified: Apr 16, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.

Affected (6)

Frees Wan
2 products
Frees Wan
Super Frees Wan
Openswan
1 product
Openswan
Strongswan
1 product
Strongswan
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Frees Wan
Frees Wan
Version 1
Frees Wan
Version 2
Super Frees Wan
Version 1
Openswan
Openswan
Version 1
Openswan
Version 2
Strongswan
Up to 2.1.2

References (8)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.