Cray Inc. Unknown

Updated:  March 24, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

EMC Corporation Unknown

Updated:  March 24, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Hewlett-Packard Company Affected

Notified:  March 23, 2004 Updated: June 18, 2004

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see HPSBUX01038/SSRT4721.

IBM Affected

Notified:  March 23, 2004 Updated: June 18, 2004

Status

Affected

Vendor Statement

The AIX Security Team is aware of the issues discussed in CERT Vulnerability Note VU#179804. The following APARs are available to address this issue: APAR number for AIX 4.3.3: IY55362 (available) APAR number for AIX 5.1.0: IY55361 (available) APAR number for AIX 5.2.0: IY55360 (available) AIX Version 4.3.3 and Version 5 APARs can be downloaded from the eServer pSeries Fix Central web site: http://www-912.ibm.com/eserver/support/fixes/fcgui.jsp If you would like to receive AIX Security Advisories via email, please visit: https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

SCO Affected

Notified:  March 23, 2004 Updated: April 04, 2004

Status

Affected

Vendor Statement

It looks like UnixWare version 7.1.1 is affected. Versions 7.1.2 (a.k.a Open Unix 8.0.0) and version 7.1.3 are unaffected as xdmcp is disabled by default. We recommend that UnixWare 7.1.1 customers disable xdmcp in dtlogin as outlined in Vulnerability Note VU#179804

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

SGI Affected

Notified:  March 23, 2004 Updated: May 10, 2005

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see SGI Security Advisory 20040801-01-P.

Sun Microsystems Inc. Affected

Notified:  March 23, 2004 Updated: June 23, 2004

Status

Affected

Vendor Statement

Sun Microsystems Inc. is affected by this issue and is currently working on a solution. A SunAlert regarding this issue will be published shortly. Please refer to: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57539 For a future SunAlert addressing this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

The Open Group Unknown

Updated:  March 24, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Xi Graphics Unknown

Updated:  March 24, 2004

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.