Package: vpnc
Version: 0.5.1r275-1
Severity: minor
The manpage of vpnc contains a nearly duplicated warning:
OBLIGATORY WARNING: the most used configuration (XAUTH
authentication with
pre-shared keys and password authentication) is insecure by
design, be aware
of this fact when you use vpnc to exchange sensitive data like
passwords!
OBLICATORY WARNING: the most used configuration (XAUTH
authentication) is
insecure by design, be aware of this fact when you use vpnc to
exchange sen‐
sitive data like passwords!
perhaps that should be fixed.
Chris.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.23 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_DE.UTF-8, LC_CTYPE=en_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages vpnc depends on:
ii libc6 2.7-9 GNU C Library: Shared
libraries
ii libgcrypt11 1.4.0-3 LGPL Crypto library -
runtime libr
Versions of packages vpnc recommends:
ii iproute 20080108-1 Professional tools to
control the
ii resolvconf 1.38 nameserver information
handler
-- no debconf information
smime.p7s
Description: S/MIME cryptographic signature
