Notified: March 10, 2004 Updated: March 11, 2004
Not Affected
Apple: Not Vulnerable
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 25, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see Up2Date 4.021 #35996.
Notified: March 10, 2004 Updated: March 11, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see CLSA-2004:820.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 11, 2004
Affected
We have fixed this problem for our various kernels in the following advisories: http://www.debian.org/security/2004/dsa-456 http://www.debian.org/security/2004/dsa-454 http://www.debian.org/security/2004/dsa-453 http://www.debian.org/security/2004/dsa-450 http://www.debian.org/security/2004/dsa-444 http://www.debian.org/security/2004/dsa-442 http://www.debian.org/security/2004/dsa-440 http://www.debian.org/security/2004/dsa-439 http://www.debian.org/security/2004/dsa-441 http://www.debian.org/security/2004/dsa-438
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 25, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see FLSA:1284.
Updated: March 25, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see FEDORA-2004-080.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 25, 2004
Not Affected
Fujitsu's UXP/V o.s. is not affected by the problem in VU#981222 because it does not support the mremap.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see GLSA 200403-02.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 25, 2004
Unknown
IBM eServer Platform Response For information related to this and other published CERT Advisories that may relate to the IBM eServer Platforms (xSeries, iSeries, pSeries, and zSeries) please go to https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/security=alerts?OpenDocument&pathID= In order to access this information you will require a Resource Link ID. To subscribe to Resource Link go to http://app-06.www.ibm.com/servers/resourcelink and follow the steps for registration. All questions should be reffered to servsec@us.ibm.com.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 10, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
This issue is resolved in Linux kernels 2.2.26, 2.4.25, and 2.6.3.
Updated: March 25, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see LNSA-#2004-0003.
Notified: March 10, 2004 Updated: March 25, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see MDKSA-2004:015 and MDKSA-2004:015-1.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 25, 2004
Not Affected
NetBSD is not affected.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 25, 2004
Affected
No supported release of Openwall GNU/*/Linux (Owl) was affected by this vulnerability as of the time it was made public. We had the bug proactively fixed in Owl 1.1 release (Linux kernel 2.4.23-ow2), not realizing its full security impact at the time. Although those are no longer a part of Owl (not in Owl 1.1), we continue to maintain security hardening patches for Linux 2.2.x kernels and make them available for the public. Linux 2.2.x was affected by a variation of this vulnerability and thus, as a service to the community, we had included a workaround in Linux 2.2.25-ow2 patch. Linux 2.2.26 now includes the same change.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 11, 2004
Affected
Updates to correct this issue were made available for Red Hat Linux and Red Hat Enterprise Linux. Users of the Red Hat Network can update their systems using the 'up2date' tool. Red Hat Linux 9: http://rhn.redhat.com/errata/RHSA-2004-065.html Red Hat Enterprise Linux 3: http://rhn.redhat.com/errata/RHSA-2004-066.html Red Hat Enterprise Linux 2.1: http://rhn.redhat.com/errata/RHSA-2004-069.html
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 25, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see 20040204-01-U.
Updated: March 25, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see SSA:2004-049-01.
Updated: March 11, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see SWL-2004:002.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 25, 2004
Affected
The following Sun products are vulnerable. Java Desktop System Version 2003. A patch is available to customers via the on-line update mechanism in JDS. Please see http://wwws.sun.com/software/javadesktopsystem/update/index.html for further details. Sun Cobalt legacy products: RaQ4 RaQXTR Qube3 RaQ550 Sun will be publishing Sun Alerts for this issue which will be available from the following location: http://sunsolve.Sun.COM/pub-cgi/search.pl?mode=results&so=date&coll=fsalert&zone_32=category:security The Sun Alerts will be updated with the patch information as soon as patches are available.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 11, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see SuSE-SA:2004:005.
Updated: March 11, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see TSLSA-2004-0007 (Trustix 2.0, kernel 2.4.24) and TSLSA-2004-0008 (Trustix 1.5, kernel 2.2.25).
Notified: March 10, 2004 Updated: March 11, 2004
Affected
This Vulnerability is fixed by TLSA-2004-7. Please refer to http://www.turbolinux.com/security/2004/TLSA-2004-7.txt
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 11, 2004
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: March 10, 2004 Updated: March 11, 2004
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see IMNX-2004-7+-001-01.