Subject: Re: telnetd core
To: Steven M. Bellovin <>
From: Bruno Saverio Delbono <>
List: netbsd-users
Date: 12/30/2002 14:11:12
At 05:00 PM 12/30/2002 -0500, Steven M. Bellovin wrote:
>In message <>, Bruno Saverio 
>ono writes:
> >
> >You're fine.
>He's not fine -- a daemon is dumping core.  That shouldn't happen --
>ever.  Sure, maybe it's bad RAM, as someone suggested.  Alternatively,
>there's another bug -- and possibly a security bug -- lurking in
>telnetd.  Frankly, that strikes me as more likely.

Hmm...I agree. There very well can be another problem.

>Yes, he's got the latest fixes in.  But that doesn't mean that no more
>fixes are needed.

What I really, honestly, swear-to-god and 
may-electricity-strike-me-if-I-lie, meant to say that the version of 
telnetd he's running is patched for the telnetd(8) options overflow advisory.

(*gasp*) Thunderstorms!!
.... .... ....


Our company accepts no liability for the content of this email, or for
the consequences of any actions taken on the basis of the information
provided, unless that information is subsequently confirmed in
writing. If you are not the intended recipient you are notified that
disclosing, copying, distributing or taking any action in reliance on
the contents of this information is strictly prohibited.