[Openswan dev] [Announce] Response to hype around NISCC
Vulnerability Advisory IPSEC 004033
D. Hugh Redelmeier
hugh at mimosa.com
Mon May 16 03:48:12 CEST 2005
| From: Paul Wouters <paul at xelerance.com>
I just now saw http://www.kb.cert.org/vuls/id/302220.
It does not list Openswan or Xelerance. Why?
It does list FreeS/WAN. As "unknown".
The code you quote looks identical to what I remember writing for
FreeS/WAN, so neither should have this problem. (I have not gone back
to read the code to make sure.)
It might be possible to get into trouble using manual keying. I don't
consider that a surprise or revelation.
More information about the Dev
mailing list