Notified: December 19, 2002 Updated: January 20, 2003
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Based in information from Sun and Kodak, this vulnerability exists only in the Solaris KCMS implementation (kcms_server). No other KCMS implementation is affected.
Notified: November 04, 2002 Updated: January 17, 2003
Affected
Sun confirms that this kcms_server(1) vulnerability does affect all currently supported versions of Solaris: Solaris 2.6, 7, 8, and 9 Sun will be releasing a Sun Alert which describes two possible workarounds until a final resolution is reached which will be available from the following location shortly: http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/50104 The Sun Alert will be updated once a final resolution is available.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.