3Com Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Alcatel Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Apple Computer Inc. Not Affected

Notified:  June 10, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

Apple: Apple products are not affected by the issue reported inVulnerability Note VU#317350.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Aruba Networks Not Affected

Notified:  June 10, 2004 Updated: June 23, 2004

Status

Not Affected

Vendor Statement

Aruba Wireless Networks Security Advisory Title: ISC DHCPD contains a stack buffer overflow vulnerability in handling log lines containing ASCII characters only Aruba Advisory ID: AID-06142004 Revision: 1.0 For Public Release on 06/17/2004 at 19:00 (GMT) References: CAN-2004-0460 / CERT Vulnerability Note VU#317350 SUMMARY It was disclaimed by ISC, via CERT, that some specially crafted DHCP packets could cause a stack overflow and crash ISC based DHCPD. PRODUCTS AND FIRMWARE VERSIONS AFFECTED Hardware: No Aruba Wireless Networks Platform are affected Software: No Aruba available versions are affected DETAILS This issue could cause a stack overflow and eventual crash of the machine running ISC's DHCPd. Although it was not clear if whether or not that overflow could be used to execute arbitrary code, this should not cause a problem on Aruba Wireless Networks products, since they are not affected by the packets described in the CERT notification. IMPACT None. WORKAROUNDS There is no need for a workaround to be implemented. SOLUTION Aruba products were tested against this possible attack and are not vulnerable to it. OBTAINING FIXED FIRMWARES There is no special firmware needed to address the issue described above. Aruba Support contacts are as follows: 1-800-WiFiLAN (1-800-943-4526) (toll free from within North America) +1-408-754-1200 (toll call from anywhere in the world) e-mail: support(at)arubanetworks.com web: http://www.arubanetworks.com/support Please, do not contact either "wsirt(at)arubanetworks.com" or "security(at)arubanetworks.com" for software upgrades. EXPLOITATION AND PUBLIC ANNOUNCEMENTS This vulnerability will be announced at http://www.kb.cert.org/vuls STATUS OF THIS NOTICE: Final Although Aruba Wireless networks cannot guarantee the accuracy of all statements in this advisory, all of the facts have been checked to the best of our ability. Aruba Wireless Networks does not anticipate issuing updated versions of this advisory unless there is some material change in the facts. Should there be a significant change in the facts, Aruba Wireless Networks may update this advisory. A stand-alone copy or paraphrase of the text of this security advisory that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors. DISTRIBUTION OF THIS ANNOUCEMENT This advisory will be posted on Aruba's website at http://www.arubanetworks.com/support/wsirt/alerts/AID-06142004.asc In addition to worldwide web posting, a text version of this notice is clear-signed with the Aruba WSIRT PGP key having the fingerprint AB90 36CE 259C 7BA1 4FAF 62F8 3EF2 6968 39C3 A3C0 and is posted to the following e-mail recipients. * cert@cert.org Future updates of this advisory, if any, will be placed on Aruba's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates. REVISION HISTORY Revision 1.0 /06-14-2004 / Initial release ARUBA WSIRT SECURITY PROCEDURES Complete information on reporting security vulnerabilities in Aruba Wireless Networks products, obtaining assistance with security incidents is available at http://www.arubanetworks.com/support/wsirt.php For reporting *NEW* Aruba Wireless Networks security issues, email can be sent to wsirt(at)arubanetworks.com or security(at)arubanetworks.com. For sensitive information we encourage the use of PGP encryption. Our public keys can be found at http://www.arubanetworks.com/support/wsirt.php (c) Copyright 2004 by Aruba Wireless Networks, Inc. This advisory may be redistributed freely after the release date given at the top of the text, provided that redistributed copies are complete and unmodified, including all date and version information.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

AT&T Unknown

Notified:  June 11, 2004 Updated: June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Avaya Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Avici Systems Inc. Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Charlotte's Web Networks Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Check Point Not Affected

Notified:  June 11, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

Check Point products are not vulnerable to these issues.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Chiaro Networks Not Affected

Notified:  June 11, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

The Chiaro Networks Enstara platform does not use ICS's DHCP 3 and is not susceptible to this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Cisco Systems Inc. Not Affected

Notified:  June 10, 2004 Updated: June 24, 2004

Status

Not Affected

Vendor Statement

Not Vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Conectiva Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Cray Inc. Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Data Connection Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Debian Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

D-Link Systems Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

EMC Corporation Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Engarde Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Extreme Networks Not Affected

Notified:  June 11, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

Extreme Networks switch products is not vulnerable to above notification (VU#317350, VU#654390). No action is needed.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

F5 Networks Not Affected

Notified:  June 11, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

No F5 products are vulnerable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Fedora Project Affected

Notified:  June 10, 2004 Updated: June 22, 2004

Status

Affected

Vendor Statement

Fedora Core 2 includes DHCP 3.0.1rc12. Updated packages will be available from http://fedora.redhat.com/download/updates.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Foundry Networks Inc. Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

FreeBSD Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Fujitsu Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Hewlett-Packard Company Not Affected

Notified:  June 10, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

HP-UX, Tru64 UNIX, and OpenVMS are not vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Hitachi Not Affected

Updated:  June 22, 2004

Status

Not Affected

Vendor Statement

Hitachi GR2000/GR4000/GS4000/GS3000 are NOT Vulnerable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Hyperchip Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

IBM Not Affected

Notified:  June 10, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

The AIX Operating System is not vulnerable to the issues discussed in CERT Vulnerability Note VU#317350.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

IBM eServer Unknown

Notified:  June 10, 2004 Updated: June 22, 2004

Status

Unknown

Vendor Statement

IBM eServer Platform Response For information related to this and other published CERT Advisories that may relate to the IBM eServer Platforms (xSeries, iSeries, pSeries, and zSeries) please go to https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/securityalerts?OpenDocument&pathID= In order to access this information you will require a Resource Link ID. To subscribe to Resource Link go to http://app-06.www.ibm.com/servers/resourcelink and follow the steps for registration. All questions should be reffered to servsec@us.ibm.com.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

IBM-zSeries Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Immunix Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

InfoBlox Affected

Notified:  June 11, 2004 Updated: July 13, 2004

Status

Affected

Vendor Statement

The Infoblox DNS One product is vulnerable to both of these issues. We have patched these vulnerabilities and released new versions of code, 2.4.0-10 for the black 1U platform, and 2.4.0-10A for the new Model 1000 platform. Affected customers should visit our support site for details, http://support.infoblox.com/, or contact support by phone at 888-INFOBLX (888-463-6259) ext 1.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Ingrian Networks Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Intel Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

ISC Affected

Updated:  June 22, 2004

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Juniper Networks Not Affected

Notified:  June 10, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

Juniper Networks products are not susceptible to these vulnerabilities.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Lucent Technologies Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Luminous Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

MandrakeSoft Affected

Notified:  June 10, 2004 Updated: June 23, 2004

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:061.

Microsoft Corporation Not Affected

Notified:  June 10, 2004 Updated: June 23, 2004

Status

Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

MontaVista Software Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Multinet Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Multi-Tech Systems Inc. Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

NEC Corporation Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

NetBSD Not Affected

Notified:  June 10, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

NetBSD has not shipped a vulnerable version of ISC dhcpd in -current or any release.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

NetScreen Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Network Appliance Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

NextHop Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Nokia Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Nominum Not Affected

Notified:  June 11, 2004 Updated: June 24, 2004

Status

Not Affected

Vendor Statement

Nominum Foundation Dynamic Configuration Server is not susceptible to this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Nortel Networks Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Novell Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

OpenBSD Not Affected

Notified:  June 10, 2004 Updated: June 23, 2004

Status

Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Openwall GNU/*/Linux Not Affected

Notified:  June 10, 2004 Updated: June 23, 2004

Status

Not Affected

Vendor Statement

Openwall GNU/*/Linux (Owl) is not vulnerable to VU#317350 as we only ship dhcpd derived from version 3.0pl2. Since the very inclusion of the DHCP suite in Owl, we also include a patch which makes dhcpd run as its dedicated pseudo-user and in a chroot jail. In response to these new findings, we're adding another "hardening" patch which forces the use of snprintf() and vsnprintf() in all places where *sprintf() was used with non-constant string arguments.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Redback Networks Inc. Not Affected

Notified:  June 11, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

Redback has verified that none of its product-lines is vulnerable. 1. All products in SmartEdge family are not vulnerable. 2. All products in SMS family are not vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Red Hat Inc. Not Affected

Notified:  June 10, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

No updates are required for users of Red Hat Enterprise Linux 2.1 or 3. Both of these distributions include versions of DHCP where these issues are not exploitable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Riverstone Networks Not Affected

Notified:  June 11, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

Riverstone Networks' products are not vulnerable to this DCHP problem.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

SCO Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Sequent Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

SGI Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Sony Corporation Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Sun Microsystems Inc. Not Affected

Notified:  June 10, 2004 Updated: June 22, 2004

Status

Not Affected

Vendor Statement

Sun confirms that we are not vulnerable to the issues described in VU#317350. Solaris does not ship the ISC DHCPD and does not use any of the ISC DHCPD source in its version of DHCPD.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

SuSE Inc. Affected

Notified:  June 10, 2004 Updated: June 23, 2004

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see http://www.suse.com/de/security/2004_19_dhcp_server.html.

TurboLinux Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Unisys Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Wind River Systems Inc. Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

ZyXEL Unknown

Updated:  June 22, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

View all 67 vendors View less vendors