Hello!

> No, CA-98-13 is *not* the teardrop/land attack as described in CA-97.28:
> http://www.cert.org/advisories/CA-97.28.Teardrop_Land.html

Ok, is there an exploit for this to test?

> Since most versions of both OpenBSD and FreeBSD were vulnerable to
> CA-98-13 I really doubt that NetBSD is not.

I had a look at

ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/tcpfix.patch and
ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/tcpfix.patch

which where referenced in the CERT as solution for the exploit. And I
*think* this is already in

$NetBSD: ip_input.c,v 1.76 1998/12/19 02:46:12 thorpej Exp $

which is NetBSD-current and

$NetBSD: ip_input.c,v 1.53.2.4 1998/11/15 19:18:13 cgd Exp $

which is NetBSD-1.3.3.

But then I am no expert or guru, so someone with a better clue might
care to speak.

Greets
-- 
   Name  : Thorsten Frueauf            Milano@irc cri@onaliM       //
   E-Mail: s_frueau@ira.uka.de oder ukfy@rz.uni-karlsruhe.de     \X/