This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing one or more security
A very serious security flaw was discovered by Ralf Spenneberg in
racoon, the IKE daemon of the KAME-tools. Racoon does not very the RSA
signature during phase one of a connection using either main or
aggressive mode. Only the certificate of the client is verified, the
certificate is not used to verify the client's signature.
All versions of ipsec-tools prior to 0.2.5 and 0.3rc5 are vulnerable
to this issue. The provided package updates ipsec-tools to 0.2.5.
Update the affected ipsec-tools and / or libipsec-tools0 packages.
Risk factor :
High / CVSS Base Score : 7.5