Subject: Re: the telnet vulnerability - is it actually fixed?
To: John F. Woods <>
From: None <>
List: current-users
Date: 07/26/2001 14:26:34
>Like everyone else, it seems (:-), I did a rebuild today to make sure I have
>the telnet daemon fix to address the recent security advisory.  Yet I just
>saw two "ttloop: peer died" messages a few minutes ago.  I did a cvs update
>this morning, libexec/telnetd contains a bunch of files modified today, and
>telnetd has been rebuilt from those sources.  Does the exploit attempt still
>kill telnetd, or is the fix insufficient?

	"peer died" indicates there's some bad guy attempt to trick you
	(port-scanning and such), that's all.  it does not necessarily indicate
	that you are hosed.  as long as you have sufficient patches, you should
	be okay.  i guess we need to update words on advisory if they seem