Hewlett-Packard Company Information for VU#24140

Linux kernel IP Masquerading "destination loose" (DLOOSE) configuration passes arbitrary UDP traffic

Status

Not Affected

Vendor Statement

We now have confirmed our original response that HP's IPFilter/9000 is NOT vulnerable to this security hole. HP's IPFilter/9000 is not in the core OS. So filtering and nat functionality is not part of the TCP/IP streams stack.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Hewlett Packard has reported that HP Secure OS Software for Linux (Trusted Linux) is not vulnerable since it is based on the 2.4 kernel.

If you have feedback, comments, or additional information about this vulnerability, please send us email.