Lucene search

K
certCERTVU:200132
HistoryJun 18, 2003 - 12:00 a.m.

Various UNIX and Linux PDF readers/viewers execute commands embedded within hyperlinks

2003-06-1800:00:00
www.kb.cert.org
14

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.051 Low

EPSS

Percentile

93.0%

Overview

A vulnerability in various UNIX and Linux PDF viewers/readers may allow remote attackers to execute arbitrary commands on your system.

Description

Adobe Systems Incorporated describes PDF (Portable Document Format) as “a universal file format that preserves the fonts, images, graphics, and layout of any source document, regardless of the application and platform used to create it.” A viewer such as Adobe Reader or Xpdf is needed to view a document encoded in PDF. Various PDF viewers are widely deployed on the Internet. Quoting from the Adobe Systems Incorporated web site:

Governments and enterprises around the world have adopted PDF to streamline document management, increase productivity, and reduce reliance on paper…An open file format specification, PDF is available to anyone who wants to develop tools to create, view, or manipulate PDF documents. Indeed, more than 1,800 vendors offer PDF-based solutions, ensuring that organizations that adopt the PDF standard have a variety of tools to leverage the Portable Document Format and to customize document processes.

When a victim clicks on a hyperlink contained within a malicious PDF file, an attacker may be able to execute arbitrary commands with the privileges of the victim. This is possible because some UNIX and Linux PDF readers/viewers spawn external programs to handle hyperlinks by invoking the shell command interpreter.


Impact

A remote attacker may be able to execute arbitrary commands with the privileges of the victim.


Solution

Apply a patch when available.


Vendor Information

200132

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Adobe Systems Incorporated __ Affected

Notified: May 08, 2003 Updated: June 18, 2003

Status

Affected

Vendor Statement

New versions of the Adobe Readers for UNIX are now available from the Adobe web site. You can find version 5.07 for Linux, Solaris, HP/UX and AIX at _<http://www.adobe.com/products/acrobat/readstep2.html&gt;_.

Adobe Reader 5.07 contains a patch that closes a potential security hole whereby a weblink could execute shell commands. Adobe recommends that all users on the forementioned platforms upgrade to the latest version of the Adobe Reader.

This security patch only affects Adobe Readers on Linux, Solaris, HP/UX and AIX platforms. Macintosh users (OS 9.x and OS 10.X) and Windows users are not affected. The Adobe Acrobat product line is also not affected by this security issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Conectiva __ Affected

Notified: May 15, 2003 Updated: September 22, 2003

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

`- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT


PACKAGE : xpdf
SUMMARY : Embedded commands execution vulnerability
DATE : 2003-07-04 10:57:00
ID : CLA-2003:674
RELEVANT
RELEASES : 7.0, 8, 9
- -------------------------------------------------------------------------
DESCRIPTION
Xpdf is a viewer for Portable Document Format (PDF) files.`

This update fixes a vulnerability that allows attackers to embed commands in document hyperlinks. If the user clicks in an hyperlink created by the attacker, it can execute malicious commands when calling a external program (web browsers, mail programs, etc).

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0434 to this issue.

SOLUTION All xpdf users should upgrade.

REFERENCES: 1.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0434

UPDATED PACKAGES ``&lt;ftp://atualizacoes.conectiva.com.br/7.0/RPMS/xpdf-0.92-2U70_2cl.i386.rpm&gt;`` ``&lt;ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/xpdf-0.92-2U70_2cl.src.rpm&gt;`` ``&lt;ftp://atualizacoes.conectiva.com.br/8/RPMS/xpdf-0.93-2U80_2cl.i386.rpm&gt;`` ``&lt;ftp://atualizacoes.conectiva.com.br/8/SRPMS/xpdf-0.93-2U80_2cl.src.rpm&gt;`` ``&lt;ftp://atualizacoes.conectiva.com.br/9/RPMS/xpdf-2.01-22930U90_1cl.i386.rpm&gt;`` ``&lt;ftp://atualizacoes.conectiva.com.br/9/SRPMS/xpdf-2.01-22930U90_1cl.src.rpm&gt;``

ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades:

`- run: apt-get update

  • after that, execute: apt-get upgrade`

Detailed instructions reagarding the use of apt and upgrade examples can be found at ``&lt;http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en&gt;

- ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at ``&lt;http://distro.conectiva.com.br/seguranca/chave/?idioma=en&gt;`` Instructions on how to check the signatures of the RPM packages can be found at ``&lt;http://distro.conectiva.com.br/seguranca/politica/?idioma=en&gt;``
- ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at ``&lt;http://distro.conectiva.com.br/atualizacoes/?idioma=en&gt;``
- ------------------------------------------------------------------------- Copyright (c) 2003 Conectiva Inc. ``&lt;http://www.conectiva.com&gt;``
- ------------------------------------------------------------------------- subscribe: [email protected] unsubscribe: [email protected] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see ``&lt;http://www.gnupg.org&gt;``
iD8DBQE/BYha42jd0JmAcZARAsD0AJ41Etq1PxMurfUFqsXc0te4V0+QiQCfcxsp REDyGm0tqfrsQ0bTaaGNHiQ= =d2kV -----END PGP SIGNATURE-----

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Debian __ Affected

Notified: May 15, 2003 Updated: May 19, 2003

Status

Affected

Vendor Statement

In Debian 2.2 (potato) and Debian 3.0 (woody), the URL loading feature of xpdf is disabled per default, but the bug is present if the user explicitly changes the configuration.

In Debian 3.0 (woody), an example urlCommand is supplied (which is commented out). This example quotes the argument against interpretation of shell metacharacters:

#urlCommand “netscape -remote ‘openURL(%s)’”

(though execution of other netscape -remote commands may be possible if this command is uncommented and used)

In Debian ‘testing’ and ‘unstable’ (xpdf 2.02-2), xpdf is configured to quote the argument in urlCommand:

urlCommand “sensible-browser ‘%s’”

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

MandrakeSoft __ Affected

Notified: May 15, 2003 Updated: July 14, 2003

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

________________________________________________________________________
`Mandrake Linux Security Update Advisory


Package name: xpdf
Advisory ID: MDKSA-2003:071
Date: June 27th, 2003
Affected versions:9.0, 9.1, Corporate Server 2.1


Problem Description:
Martyn Gilmore discovered flaws in various PDF viewers, including xpdf.
An attacker could place malicious external hyperlinks in a document
that, if followed, could execute arbitary shell commands with the
privileges of the person viewing the PDF document. ________________________________________________________________________
References:
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0434&gt;``


Updated Packages:
Corporate Server 2.1:
722121c3cef917ee6b8ce51f3754200c corporate/2.1/RPMS/xpdf-1.01-4.2mdk.i586.rpm
e80ab78011d0f8f79cb3f03bc092ec4b corporate/2.1/SRPMS/xpdf-1.01-4.2mdk.src.rpm`

Mandrake Linux 9.0: 722121c3cef917ee6b8ce51f3754200c 9.0/RPMS/xpdf-1.01-4.2mdk.i586.rpm e80ab78011d0f8f79cb3f03bc092ec4b 9.0/SRPMS/xpdf-1.01-4.2mdk.src.rpm

Mandrake Linux 9.1: c83e631cfa8b43fed2e9553b305eea23 9.1/RPMS/xpdf-2.01-2.1mdk.i586.rpm f3c1d8c4de62fde4522403ef347fb0f2 9.1/SRPMS/xpdf-2.01-2.1mdk.src.rpm

Mandrake Linux 9.1/PPC: bc5f7bbe9fa58f336bb54ad9b0b17bc9 ppc/9.1/RPMS/xpdf-2.01-2.1mdk.ppc.rpm f3c1d8c4de62fde4522403ef347fb0f2 ppc/9.1/SRPMS/xpdf-2.01-2.1mdk.src.rpm
________________________________________________________________________
`Bug IDs fixed (see &lt;https://qa.mandrakesoft.com&gt; for more information):


To upgrade automatically, use MandrakeUpdate. The verification of md5
checksums and GPG signatures is performed automatically for you.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with “rpm -Fvh *.rpm”. A list of
FTP mirrors can be obtained from:
<http://www.mandrakesecure.net/en/ftp.php&gt;``
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig <filename>
All packages are signed by MandrakeSoft for security. You can obtain
the GPG public key of the Mandrake Linux Security Team from:
<https://www.mandrakesecure.net/RPM-GPG-KEYS&gt;``
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrake Linux at:
<http://www.mandrakesecure.net/en/advisories/&gt;``
MandrakeSoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
<http://www.mandrakesecure.net/en/mlist.php&gt;``
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team <security linux-mandrake.com>
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.7 (GNU/Linux)
mQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday
L4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7
WKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo
P0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl
hynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx
PFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg
2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs
iyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD
LLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu
ZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t
PohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy
/NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA
BgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP
WdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w
Pk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPaIRgQQEQIA
BgUCPI+UAwAKCRDniYrgcHcf8xK5AKCm/Mq8qP8GE0o1hEX22QsJMZwH5gCfZ72H
8TacOb3oAmBdprf+K6gkdOiIRgQQEQIABgUCOtOieAAKCRCv2bZyU0yB80MeAJ9K
+jXt0cKuaUonRU+CRGetk6t9dgCfTRRL6/puOKdD6md70+K5EBBSvsG0OE1hbmRy
YWtlIExpbnV4IFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QG1hbmRyYWtlc29mdC5j
b20+iFcEExECABcFAjyPnuUFCwcKAwQDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmFi+
AJsHhohgnU3ik4+gy3EdFlB2i/MBoACg6lHn5cnVvTcmgNccWxeNxLLZI5e5AQ0E
OWnn7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ
9F779FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzR
xBXVJb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z
269s+A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN
6SCXVl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZ
jTcl3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo
0NAiRYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJ
EJGXlA==
=yGlX

  • -----END PGP PUBLIC KEY BLOCK-----
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.7 (GNU/Linux)
    iD8DBQE+/H+imqjQ0CJFipgRAnNdAJ42MU42nCV2tll9CBgRN2vol1Gy1ACgk8tD
    mLjGyGNaXp95yr+re09E4Vg=
    =MKpz
    -----END PGP SIGNATURE-----`

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Red Hat Inc. __ Affected

Notified: May 15, 2003 Updated: June 19, 2003

Status

Affected

Vendor Statement

See RHSA-2003:196-07.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Sun Microsystems Inc. __ Affected

Notified: May 15, 2003 Updated: June 17, 2003

Status

Affected

Vendor Statement

Sun does not ship a PDF viewer with Solaris and therefore Solaris is not affected by this issue. However, xpdf which is provided as an unsupported package on the Solaris Companion CD:

<http://wwws.sun.com/software/solaris/freeware/index.html&gt;

is affected.

Sites using the freeware version of xpdf from the Solaris Companion CD will have to upgrade to a later version available from:

<http://www.foolabs.com/xpdf/download.html&gt;

Sun Linux, version 5.0 is affected by this vulnerability. Two of its PDF viewing applications, xpdf and Adobe Acrobat Reader for Linux ™ are affected. However ghostview and kghostview are not.

Sun will be issuing a Sun Alert for Sun Linux describing the patch information which will be available from:

<http://sunsolve.Sun.COM>

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Xpdf __ Affected

Notified: May 20, 2003 Updated: June 17, 2003

Status

Affected

Vendor Statement

A new version of Xpdf (2.02pl1) is now available on the Xpdf web site:

<http://www.foolabs.com/xpdf/&gt;

This version includes a small patch that fixes a security hole in version 2.02. It was possible to construct a malicious URL link in a PDF file which would cause an arbitrary command to be run. The patch changes things to that the various characters which can cause trouble are escaped (%xx) before calling system(). This patch also changes the “launch” link verification dialog to provide a scrolling view of the command about to be run when the command string is excessively long.

This security hole (and the patch) only affect the Unix viewer – they do not affect the command tools on Unix, Windows, or other operating systems.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Apple Computer Inc. __ Not Affected

Updated: June 18, 2003

Status

Not Affected

Vendor Statement

Mac OS X and Mac OS X Server do not ship with any products that contain the vulnerability described in this notice.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Fujitsu __ Not Affected

Notified: May 15, 2003 Updated: August 08, 2003

Status

Not Affected

Vendor Statement

Fujitsu’s UXP/V o.s. is not affected by the problem in VU#200132 because the OS design does not cause the problems described.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Hitachi __ Not Affected

Notified: May 15, 2003 Updated: June 18, 2003

Status

Not Affected

Vendor Statement

NOT Vulnerable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Ingrian Networks __ Not Affected

Notified: May 15, 2003 Updated: May 23, 2003

Status

Not Affected

Vendor Statement

Ingrian Networks platforms are not vulnerable to this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Microsoft Corporation __ Not Affected

Notified: May 15, 2003 Updated: May 19, 2003

Status

Not Affected

Vendor Statement

Microsoft products are not affected by this issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

NEC Corporation __ Not Affected

Notified: May 15, 2003 Updated: June 16, 2003

Status

Not Affected

Vendor Statement

Subject: VU#200132

sent on June 16, 2003

[Server Products]

  • EWS/UP 48 Series operating system
    - is NOT vulnerable
    because because it does not support PDF viewers/readers.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Nortel Networks __ Not Affected

Notified: May 15, 2003 Updated: July 14, 2003

Status

Not Affected

Vendor Statement

Some Nortel Networks products are distributed with documentation CDs that include a PDF reader to enable viewing of product documentation in this format. The vulnerability identified in VU#200132 can only be exploited with the presence of a hyperlink in a malicious PDF file. Provided the end-user employs the PDF reader only to read Nortel Networks product documentation, and does not use the Nortel Networks product as a workstation, this potential vulnerability cannot beexploited.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Xerox Corporation __ Not Affected

Notified: May 15, 2003 Updated: July 14, 2003

Status

Not Affected

Vendor Statement

A response to this vulnerability is available from our Security Information site: <http://www.xerox.com/security&gt;.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

3Com Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

AT&T Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Alcatel Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Avaya Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

BSDI Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Cisco Systems Inc. Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Computer Associates Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Cray Inc. Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

D-Link Systems Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Data General Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Engarde Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Extreme Networks Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

F5 Networks Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Foundry Networks Inc. Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

FreeBSD Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Hewlett-Packard Company __ Unknown

Notified: May 15, 2003 Updated: May 21, 2003

Status

Unknown

Vendor Statement

SOURCE:
Hewlett-Packard Company
HP Services
Software Security Response Team

x-ref: SSRT3561

At the time of writing this document, Hewlett Packard is currently investigating the potential impact to HP’s released Operating System software products.

As further information becomes available HP will provide notice of the availability of any necessary patches through standard security bulletin announcements and be available from your normal HP Services support channel.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

IBM Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

IBM eServer __ Unknown

Updated: June 24, 2003

Status

Unknown

Vendor Statement

IBM eServer Platform Response

For information related to this and other published CERT Advisories that may relate to the IBM eServer Platforms (xSeries, iSeries, pSeries, and zSeries) please go to:
https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/security=alerts?OpenDocument&pathID=3D

In order to access this information you will require a Resource Link ID. To subscribe to Resource Link go to
<http://app-06.www.ibm.com/servers/resourcelink&gt;
and follow the steps for registration.

All questions should be refered to [email protected].

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

IBM-zSeries Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Intel Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Juniper Networks Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Lachman Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Lotus Software Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Lucent Technologies Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

MontaVista Software Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Multi-Tech Systems Inc. Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

NeXT Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

NetBSD Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Netscreen Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Network Appliance Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Nokia Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

OpenBSD Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Openwall GNU/*/Linux Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Redback Networks Inc. Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Riverstone Networks Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

SCO Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

SGI Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Sequent Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Sony Corporation Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

SuSE Inc. Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Unisys Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Wind River Systems Inc. Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

Wirex Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

zyXEL Unknown

Notified: May 15, 2003 Updated: May 16, 2003

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23200132 Feedback>).

View all 59 vendors __View less vendors __

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

This vulnerability was discovered by Martyn Gilmore. The CERT/CC thanks Martyn, Adobe, and the folks responsible for the Xpdf project.

This document was written by Ian A Finlay.

Other Information

CVE IDs: CVE-2003-0434
Severity Metric: 37.97 Date Public:

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.051 Low

EPSS

Percentile

93.0%