Subject: the telnet vulnerability - is it actually fixed?
To: None <current-users@netbsd.org>
From: John F. Woods <jfw@jfwhome.funhouse.com>
List: current-users
Date: 07/26/2001 00:34:36
Like everyone else, it seems (:-), I did a rebuild today to make sure I have
the telnet daemon fix to address the recent security advisory.  Yet I just
saw two "ttloop: peer died" messages a few minutes ago.  I did a cvs update
this morning, libexec/telnetd contains a bunch of files modified today, and
telnetd has been rebuilt from those sources.  Does the exploit attempt still
kill telnetd, or is the fix insufficient?

Thank goodness I installed tripwire today, too...