Subject: Re: telnetd core
To: Bruno Saverio Delbono <Bruno.S.Delbono@wf0.com>
From: Wojciech Puchar <email@example.com>
Date: 12/29/2002 17:28:39
> It seems that someone is trying to use a NetBSD telnetd exploit by Team
> Teso on your box.
> See: http://mail-index.netbsd.org/netbsd-announce/2001/07/25/0001.html
> BTW - from the telnetd/utility.c source code:
> /* ttloop - A small subroutine to flush the network output buffer, get some
> * from the network, and pass it through the telnet state machine. We
> * also flush the pty input buffer (by dropping its data) if it becomes
> * too full.
> >is telnetd exploitable??! any protection?
> See above advisory.
this patch doesn't work for me - 1 of 1 hunk rejected
and i can't find
! (void) strcpy(nfrontp, "\r\n[Yes]\r\n");
to patch manually.