Sun Microsystems Inc. Information for VU#412115

• Vendor Information Help Date Notified: 25 Jun 2002
• Statement Date:
• Date Updated: 03 Feb 2003

Status

Affected

Vendor Statement

Sun is investigating its network device drivers in order to determine if they are affected by this issue of reusing old frame buffer data to pad
packets. A list of interfaces which have completed investigation thus far is as follows:

Interface Name                                  Vulnerable?
ce(7D) - Cassini Gigabit-Ethernet                   No
dmfe(7D) - Davicom Fast Ethernet                    No
elxl(7D) - 3Com EtherLink XL/Server                 Yes
eri(7D) - eri Fast-Ethernet                         No
ge(7D) - GEM Gigabit-Ethernet                       No
iprb(7D) - Intel 82557, 82558,                      No
          82559-controlled Ethernet
le(7D) - Am7990 (LANCE) Ethernet                    Yes
pcelx(7D) - 3COM EtherLink III PCMCIA Ethernet      No
qfe(7D) - Quad Fast-Ethernet                        No

Additional interfaces are under investigation. A complete listing along with patch details for affected interfaces will be provided in a Sun Alert to be published soon.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.