Subject: the telnet vulnerability - is it actually fixed?
To: None <firstname.lastname@example.org>
From: John F. Woods <email@example.com>
Date: 07/26/2001 00:34:36
Like everyone else, it seems (:-), I did a rebuild today to make sure I have
the telnet daemon fix to address the recent security advisory. Yet I just
saw two "ttloop: peer died" messages a few minutes ago. I did a cvs update
this morning, libexec/telnetd contains a bunch of files modified today, and
telnetd has been rebuilt from those sources. Does the exploit attempt still
kill telnetd, or is the fix insufficient?
Thank goodness I installed tripwire today, too...