Notified: August 21, 2001 Updated: October 01, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: July 28, 2004
Affected
The patched release will be 2.1.0a, and all future releases (2.1.0b or higher, or the scheduled 2.1.1). The fix should be released in the next 7 days. Please note that this vulnerablity exists in all previous releases that I have copies of (going back to 2.0.4), and I assume all the way back from there. Important PLEASE NOTE: this problem *only* occurs, if the package was compiled with SYSLOG_DEBUG *not* defined, which should *not* be the case in production versions. (The vunerability is caused by a debug file.) The *simplest* fix is to check the source code (file "tune.h"), for "#define SYSLOG" and "#define SYSLOG_DEBUG". If present, then this vunerabilty does *not* exist, as the code that creates the file in question is disabled. If *not* present, then include these in the tune.h file, re-compile, and re-install.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: January 10, 2001 Updated: August 17, 2001
Affected
Immunix Security Advisory 2000-70-025-01
The vendor has not provided us with any further information regarding this vulnerability.
Packages updated: getty_ps
Effected products: Immunix OS 7.0-beta
Bugs Fixed: immunix/1317
Date: January 10, 2000
Advisory ID: IMNX-2000-70-025-01
Author: Greg Kroah-Hartman
Notified: January 10, 2001 Updated: August 17, 2001
Affected
http://www.linuxsecurity.com/advisories/mandrake_advisory-1037.html
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2001 Updated: October 01, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2001 Updated: October 01, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2001 Updated: August 28, 2001
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The version shipped by SuSE does not appear to be vulnerable.
Notified: August 21, 2001 Updated: October 01, 2001
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.