Apple Computer Inc. Information for VU#382365
LPRng can pass user-supplied input as a format string parameter to syslog() calls
- Vendor Information Help Date Notified: 06 Dec 2000
- Statement Date:
- Date Updated: 11 Dec 2000
Status
Not Affected
Vendor Statement
Apple has conducted an investigation and determined that Mac OS X Public Beta and Mac OS X Server do not use LPRng and are therefore not vulnerable to this exploitation.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.