Apple Computer, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

AttachmateWRQ, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Conectiva Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Cray Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

CyberSafe, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Not Vulnerable

Vendor Statement

The vulnerabilities referenced in VU#365313 do not apply to CyberSafe products, including all versions of TrustBroker, ActiveTRUST and Challenger products.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Debian GNU/Linux

Notified:  June 18, 2007 Updated: July 30, 2007

Status

  Vulnerable

Vendor Statement

These vulnerabilities have been fixed in Debian GNU/Linux 4.0 (stable) in version 1.4.4-7etch2. and for Debian GNU/Linux 3.1 (oldstable) in version 1.3.6-2sarge5 via Debian Security Advisory 1323 as in

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

EMC Corporation

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Engarde Secure Linux

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

F5 Networks, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Fedora Project

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

FreeBSD, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Fujitsu

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Gentoo Linux

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Hewlett-Packard Company

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Hitachi

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

IBM Corporation

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

IBM Corporation (zseries)

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

IBM eServer

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Immunix Communications, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Ingrian Networks, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Juniper Networks, Inc.

Notified:  June 18, 2007 Updated: June 26, 2007

Status

  Not Vulnerable

Vendor Statement

Juniper Networks products do not use Kerberos, and are therefore not susceptible to this set of vulnerabilities.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

KTH Kerberos Team

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Mandriva, Inc.

Notified:  June 18, 2007 Updated: June 27, 2007

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see Mandriva Advisory MDKSA-2007:137.

Microsoft Corporation

Notified:  June 18, 2007 Updated: June 19, 2007

Status

  Not Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

MIT Kerberos Development Team

Notified:  June 13, 2007 Updated: June 13, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

MontaVista Software, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

NEC Corporation

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

NetBSD

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Network Appliance, Inc.

Updated:  June 27, 2007

Status

  Not Vulnerable

Vendor Statement

NetApp does not ship kadmind.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Nokia

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Novell, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Openwall GNU/*/Linux

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

QNX, Software Systems, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Red Hat, Inc.

Notified:  June 18, 2007 Updated: June 26, 2007

Status

  Vulnerable

Vendor Statement

These issues affect the krb5-server package available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. Updated packages to correct this issue are available along with our advisories at the URLs below and via Red Hat Network. Red Hat Enterprise Linux 2.1, 3: https://rhn.redhat.com/errata/RHSA-2007-0384.html Red Hat Enterprise Linux 4, 5: https://rhn.redhat.com/errata/RHSA-2007-0562.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Silicon Graphics, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Slackware Linux Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Sony Corporation

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Sun Microsystems, Inc.

Notified:  June 18, 2007 Updated: June 28, 2007

Status

  Not Vulnerable

Vendor Statement

Sun can confirm that none of its products are vulnerable to VU#365313.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

SUSE Linux

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

The SCO Group

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Trustix Secure Linux

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Turbolinux

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Ubuntu

Notified:  June 18, 2007 Updated: June 27, 2007

Status

  Vulnerable

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see Ubuntu Security Notice USN-477-1.

Unisys

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Wind River Systems, Inc.

Notified:  June 18, 2007 Updated: June 18, 2007

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

View all 45 vendors View less vendors