BSDi Unknown

Notified:  December 18, 2001 Updated: February 10, 2002

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

FreeBSD Unknown

Notified:  December 18, 2001 Updated: February 10, 2002

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

KTH Kerberos Development Team Affected

Notified:  December 18, 2001 Updated: April 15, 2002

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

As noted in the NEWS file contained in release 1.1.1of the KTH Kerberos 4 implementation (eBones), Telnet has been modified to "abort if telnetd does not support encryption."

MIT Kerberos Development Team Not Affected

Notified:  December 18, 2001 Updated: February 10, 2002

Status

Not Affected

Vendor Statement

MIT Kerberos Telnet enforces the client's request to use encryption and aborts the connection if authentication or encryption cannot be negotiated.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

NetBSD Unknown

Notified:  December 18, 2001 Updated: February 10, 2002

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

OpenBSD Unknown

Notified:  December 18, 2001 Updated: February 10, 2002

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.