Caldera Not Affected

Notified:  September 27, 2001 Updated: September 27, 2001

Status

Not Affected

Vendor Statement

No currently supported version of Caldera OpenLinux includes the XMCD package.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Debian Not Affected

Notified:  September 27, 2001 Updated: September 27, 2001

Status

Not Affected

Vendor Statement

Debian updated its xmcd package November 21, 2000 to version 2.5pl1-7.1 which removes the the suid flags from all its binaries. Also see associated security advisory for that change at http://www.debian.org/security/2000/20001121a.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

IBM Unknown

Notified:  September 27, 2001 Updated: November 15, 2001

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

RedHat Unknown

Notified:  September 27, 2001 Updated: November 15, 2001

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Sequent Unknown

Notified:  September 27, 2001 Updated: November 15, 2001

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

SuSE Affected

Notified:  August 23, 2001 Updated: September 24, 2001

Status

Affected

Vendor Statement

http://www.linuxsecurity.com/advisories/suse_advisory-1532.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.