Hewlett-Packard Company Information for VU#222750

TCP/IP implementations do not adequately validate ICMP error messages



Vendor Statement

SOURCE: Hewlett-Packard CompanySoftware Security Response Team


HP is investigating the potential impact to HP's products.

As further information becomes available HP will provide notice through standard security bulletin announcements.

To report potential security vulnerabilities in HP software, send an E-mail message to security-alert@hp.com.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



Please see HPSBUX01164/SSRT4884 (HP-UX) and HPSBTU01210/SSRT4743 (HP Tru64 UNIX).

If you have feedback, comments, or additional information about this vulnerability, please send us email.