Hewlett-Packard Company Information for VU#875073

Kerberos administration daemon vulnerable to buffer overflow

Status

Affected

Vendor Statement

Source: Hewlett-Packard Company Software Security Response Team

RE: CERT VU#875073 CA-2002-29
cross reference id: SSRT2396

HP's implementation for the following Operating Systems Software are not affected by this potential buffer overflow vulnerability in the kadmind4 daemon.

    HP-UX
    HP-MPE/ix
    HP Tru64 UNIX
    HP OpenVMS
    HP NonStop Servers
To report potential security vulnerabilities in HP software, send an E-mail message to: security-alert@hp.com

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

HP Secure OS Software for Linux is affected (HPSBTL0211-077).

If you have feedback, comments, or additional information about this vulnerability, please send us email.