Kodak Not Affected

Notified:  December 19, 2002 Updated: January 20, 2003

Status

Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Based in information from Sun and Kodak, this vulnerability exists only in the Solaris KCMS implementation (kcms_server). No other KCMS implementation is affected.

Sun Microsystems Inc. Affected

Notified:  November 04, 2002 Updated: January 17, 2003

Status

Affected

Vendor Statement

Sun confirms that this kcms_server(1) vulnerability does affect all currently supported versions of Solaris: Solaris 2.6, 7, 8, and 9 Sun will be releasing a Sun Alert which describes two possible workarounds until a final resolution is reached which will be available from the following location shortly: http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/50104 The Sun Alert will be updated once a final resolution is available.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.