[ On , November 27, 1997 at 20:53:53 (GMT), Matthias Scheler wrote: ]
> Subject: Re: teardrop-fix for 1.2(.1)?
>
> NetBSD is not vulnerable for "teardrop", the problem is "land".
> And AFAIK there's no patch available yet.

That depends on what you mean by "vulnerable".  Until very recently
NetBSD was vulnerable to a local user (or did you have to be root???)
running an incorrectly compiled version of the "teardrop" program.
I.e. you'd panic your local host, not the target host.  I *think* I've
seen the fix to this pulled up to the 1.3 branch but I don't know about
any patches to 1.2 or 1.2.1.

-- 
							Greg A. Woods

+1 416 443-1734			VE3TCP			robohack!woods
Planix, Inc. <woods@planix.com>; Secrets Of The Weird <woods@weird.com>