Date: Sat, 13 Jul 1996 18:08:30 -0400 (EDT) From: jaeger <jaeger@dhp.com> To: Frode Nordahl <froden@bigblue.no> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD 2.1.0 Telnetd vulnerable? Message-ID: <Pine.LNX.3.91.960713180142.30935A-100000@dhp.com> In-Reply-To: <199607131434.PAA28164@login.bigblue.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 13 Jul 1996, Frode Nordahl wrote: > We're reading throgh the CERT releases to make our FreeBSD system as hole-less as possible. > The vulnerability specified in the CA-95:14.Telnetd_Environment_Vulnerability CERT release, > is this valid for FreeBSD 2.1.0? If so where can I get the patch for the telnetd? I believe 2.0.5-RELEASE was the last release vulnerable to this bug. My tests show 2.1.0-RELEASE is not vulnerable. Don't forget mount_union, suidperl, rdist, iijppp, sliplogin, etc. It seems we've had a bunch of holes suddenly discovered in the last 2 months. -jaeger
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.91.960713180142.30935A-100000>