Apple Computer, Inc. Affected

Notified:  March 28, 2005 Updated: April 01, 2005

Status

Affected

Vendor Statement

This is fixed in Security Update 2005-003, and further information is available from http://docs.info.apple.com/article.html?artnum=301061.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Cray Inc. Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Debian Linux Affected

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Affected

Vendor Statement

Debian is vulnerable for this problem. In our stable distribution the following versions will correct the problem: netkit-telnet stable 0.17-18woody3 netkit-telnet-ssl stable 0.17.17+0.1-2woody4

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

EMC Corporation Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Engarde Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

F5 Networks, Inc. Affected

Notified:  March 28, 2005 Updated: May 02, 2005

Status

Affected

Vendor Statement

The telnet client vulnerabilities are considered local vulnerabilities on BIG-IP 4.x products and will be patched in releases 4.5.13 and 4.6.3. BIG-IP 9.x, FirePass and TrafficShield are not vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

FreeBSD, Inc. Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Fujitsu Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Hitachi Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

HP Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

IBM Corporation Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

IBM eServer Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

IBM zSeries Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Immunix Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Ingrian Networks, Inc. Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Juniper Networks, Inc. Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Mandriva, Inc. Affected

Notified:  March 28, 2005 Updated: April 01, 2005

Status

Affected

Vendor Statement

Mandrakesoft has issued the advisory MDKSA-2005:061 to fix the vulnerabilities in our kerberos telnet client packages.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Mandriva, Inc. Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Microsoft Corporation Not Affected

Notified:  March 28, 2005 Updated: April 01, 2005

Status

Not Affected

Vendor Statement

We have investigated these reports and have determined that there are no Microsoft platforms affected.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

MiT Kerberos Development Team Affected

Updated:  March 29, 2005

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

MIT Kerberos has issued MIT krb5 Security Advisory 2005-001 in response to this vulnerability.

MontaVista Software, Inc. Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

NEC Corporation Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

NetBSD Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Nokia Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Novell, Inc. Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

OpenBSD Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Openwall GNU/*/Linux Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Red Hat, Inc. Affected

Notified:  March 28, 2005 Updated: December 22, 2005

Status

Affected

Vendor Statement

Updates are available for Red Hat Enterprise Linux 2.1, 3, and 4 to correct this issue. New telnet and Kerberos packages along with our advisory are available at the URL below and by using the Red Hat Network 'up2date' tool. http://rhn.redhat.com/errata/CAN-2005-0469.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Sequent Computer Systems, Inc. Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

SGI Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Sony Corporation Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Sun Microsystems, Inc. Affected

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Affected

Vendor Statement

Sun confirms that the telnet(1) vulnerabilities do affect all currently supported versions of Solaris: Solaris 7, 8, 9 and 10 Sun has released a Sun Alert which describes a workaround until patches are available at: http://sunsolve.sun.com Sun Alert #57755 The Sun Alert will be updated with the patch information once it becomes available. Sun patches are available from: http://sunsolve.sun.com/securitypatch

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

SUSE Linux Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

The SCO Group (SCO Linux) Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

The SCO Group (SCO Unix) Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

TurboLinux Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Unisys Unknown

Notified:  March 28, 2005 Updated: March 29, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

Wind River Systems, Inc. Unknown

Notified:  March 28, 2005 Updated: August 08, 2005

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

View all 38 vendors View less vendors