Apple Computer Inc. Not Affected

Notified:  June 07, 2002 Updated: July 31, 2002

Status

Not Affected

Vendor Statement

Mac OS X does not ship with vi.recover.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Cray Inc. Not Affected

Notified:  June 07, 2002 Updated: July 31, 2002

Status

Not Affected

Vendor Statement

Cray, Inc. is not vulnerable as the vi that is released with Unicos, Unicos/mk, and the MTA is based on a different version and does not contain this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

FreeBSD Not Affected

Updated:  July 31, 2002

Status

Not Affected

Vendor Statement

FreeBSD does not have this vulnerability. Rather than removing files listed on the X-vi-recover-path: line, the owner of the recover file is simply notified via email.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Fujitsu Not Affected

Notified:  June 07, 2002 Updated: July 31, 2002

Status

Not Affected

Vendor Statement

Regarding the vi.recover vulnerability described in VU#191675, we have determined that the Fujitsu UXP/V operating system is not affected because the implementation of the vi.recover command in UXP/V is different from the one described in VU#191675.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

OpenBSD Affected

Notified:  August 05, 2002 Updated: December 10, 2002

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

SGI Not Affected

Notified:  June 07, 2002 Updated: July 31, 2002

Status

Not Affected

Vendor Statement

IRIX is not vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Sun Microsystems Inc. Not Affected

Notified:  June 07, 2002 Updated: July 31, 2002

Status

Not Affected

Vendor Statement

Solaris uses /usr/lib/expreserve and /usr/lib/exrecover for the related functions, both are binaries and not perl scripts and aren't believed to be affected by this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.