Author: jmm-guest Date: 2005-04-03 20:53:12 +0000 (Sun, 03 Apr 2005) New Revision: 733 Modified: sarge-checks/CAN/list Log: This is nothing that can be fixed, it''s a report about a principal cryptographic problem in IKE. In fact it''s not the only one and this specific problem is known since ca. 2000. There''s an interesting paper by Radia Perlman about flaws in IKE that describes the full details. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-04-03 16:07:58 UTC (rev 732) +++ sarge-checks/CAN/list 2005-04-03 20:53:12 UTC (rev 733) @@ -234,7 +234,7 @@ CAN-2002-1624 (Buffer overflow in Lotus Domino web server before R5.0.10, when ...) NOTE: not-for-us (Lotus Domino CAN-2002-1623 (The design of the Internet Key Exchange (IKE) protocol, when using ...) - TODO: check implementatons (isakmpd, etc) + NOTE: not-for-us (Principal protocol flaw) CAN-2002-1622 (Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow ...) NOTE: not-for-us (AIX) CAN-2002-1621 (Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and ...)