Cray Inc. Not Affected

Updated:  October 04, 2001

Status

Not Affected

Vendor Statement

We did check both unicos and unicos/mk and cray is not vulnerable. On an exec() system call, all registered signals are reset to their defaults.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

FreeBSD Affected

Notified:  July 02, 2001 Updated: September 14, 2001

Status

Affected

Vendor Statement

Please see ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:42.signal.v1.1.asc

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Hewlett-Packard Company Not Affected

Notified:  September 14, 2001 Updated: September 21, 2001

Status

Not Affected

Vendor Statement

HP is not vulnerable. Our source code shows that we reset registers, any caught signals, etc., to the default (sig_dfl) on exec. Only pending signals and siginfos, but not the disposition to receive queued signals, are preserved across an exec.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.