Subject: Re: CA-98.13
To: None <Thilo.Manske@HEH.Uni-Oldenburg.DE>
From: Thorsten Frueauf <>
List: tech-security
Date: 12/28/1998 11:46:11

Disclaimer: I am not in the position to speak official for TNF.
            So take this from me as of the best of my personal

> URL:

What confused me is the date of this alert, as the exploit
(teardrop/land) is published long ago. So if the exploit mentioned in
above alert is the one published on e.g. at 14/15.11.1997
then NetBSD 1.3.x and current are not vulnerable. I did not try those
at 1.2.x, as at the time this exploit was available, none of my
machines run 1.2.x anymore.

> I would like to know, if I can safely upgrade our server's kernel to
> 1.3.3 now or better wait for a patch.

I would say, go ahead.

   Name  : Thorsten Frueauf            Milano@irc cri@onaliM       //
   E-Mail: oder     \X/