Compaq Computer Corporation Information for VU#745371
Multiple vendor telnet daemons vulnerable to buffer overflow via crafted protocol options
- Vendor Information Help Date Notified: 24 Jul 2001
- Statement Date:
- Date Updated: 01 Aug 2001
-----BEGIN PGP SIGNED MESSAGE-----
SOURCE: Compaq Computer Corporation
Software Security Response Team USA
Compaq case id SSRT0745U
ref: potential telnetd option handling vulnerability
x-ref: TESO Security Advisory 06/2001
CERT CA2001-21 Advisory 07/2001
Compaq has evaluated this vulnerability to telnetd
distributed for Compaq Tru64/UNIX and OpenVMS Operating
Systems Software and has determined that telnetd is not
vulnerable to unauthorized command execution or
Compaq appreciates your cooperation and patience.
We regret any inconvenience applying this information
As always, Compaq urges you to periodically review your system
management and security procedures. Compaq will continue to
review and enhance the security features of its products and work
with customers to maintain and improve the security and integrity
of their systems.
To subscribe to automatically receive future NEW Security
Advisories from the Compaq's Software Security Response Team
via electronic mail,
Use your browser select the URL
Select "Security and Individual Notices" for immediate dispatch
notifications directly to your mailbox.
To report new Security Vulnerabilities, send mail to:
(c) Copyright 2001 Compaq Computer Corporation. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.1
-----END PGP SIGNATURE-----
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.