Hewlett-Packard Company Information for VU#222750

TCP/IP implementations do not adequately validate ICMP error messages

Status

Affected

Vendor Statement

SOURCE: Hewlett-Packard CompanySoftware Security Response Team

x-ref:SSRT4884

HP is investigating the potential impact to HP's products.

As further information becomes available HP will provide notice through standard security bulletin announcements.

To report potential security vulnerabilities in HP software, send an E-mail message to security-alert@hp.com.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Please see HPSBUX01164/SSRT4884 (HP-UX) and HPSBTU01210/SSRT4743 (HP Tru64 UNIX).

If you have feedback, comments, or additional information about this vulnerability, please send us email.