Thomas Walpuski

**Name of the Vulnerable Software and Affected Versions** KAME Racoon (affected versions not specified) ipsec-tools versions prior to 0.3.3 **Description** The issue allows remote attackers to bypass authentication due to the eay check x509cert function in KAME Racoon successfully verifying certificates even when OpenSSL validation fails. Multiple vulnerabilities in the ipsec-tools package can lead to breaches of confidentiality, integrity, and availability of protected information, and these vulnerabilities can be exploited remotely. **Recommendations** For KAME Racoon, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For ipsec-tools versions prior to 0.3.3, update to version 0.3.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** FreeBSD versions prior to 5.3 NetBSD versions prior to 1.4 OpenBSD versions prior to 2.7 **Description** The issue is related to the shmat system call in the System V Shared Memory interface. It does not properly decrement a shared memory segment's reference count when the vm map find function fails. This could allow local users to gain read or write access to a portion of kernel memory and potentially gain privileges. **Recommendations** For FreeBSD versions prior to 5.3, update to version 5.3 or later. For NetBSD versions prior to 1.4, update to version 1.4 or later. For OpenBSD versions prior to 2.7, update to version 2.7 or later.