From owner-freebsd-security  Tue Mar 12 23:27:22 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id XAA07610
          for security-outgoing; Tue, 12 Mar 1996 23:27:22 -0800 (PST)
Received: from haven.uniserve.com (haven.uniserve.com [198.53.215.121])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id XAA07605
          for <freebsd-security@FreeBSD.org>; Tue, 12 Mar 1996 23:27:20 -0800 (PST)
Received: by haven.uniserve.com id <34810-149>; Tue, 12 Mar 1996 23:30:05 -0800
Date: 	Tue, 12 Mar 1996 23:29:54 -0800 (PST)
From: Tom Samplonius <tom@uniserve.com>
To: invalid opcode <coredump@nervosa.com>
cc: Thomas J Balfe <tbalfe@tioga.com>, freebsd-security@FreeBSD.org
Subject: Re: CA-95:14
In-Reply-To: <Pine.BSF.3.91.960312153623.9840C-100000@nervosa.com>
Message-ID: <Pine.BSF.3.91.960312232617.15976B-100000@haven.uniserve.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk



On Tue, 12 Mar 1996, invalid opcode wrote:

> On Tue, 12 Mar 1996, Thomas J Balfe wrote:
> 
> > Does 2.1R have the RFC 1408 or RFC 1572 telnetd_environment_vulnerability 
> > bug worked out of it, or do I have to apply a patch? Are there any other 
> > things that I should apply to 2.1R? Thanks.
> > Thomas J Balfe
> 
> As far as I can tell (strings /usr/bin/telnet | grep -i LD), it doesn't 
> appear to be present.

  Read more carefully.  The specified problem is in telnetd, not telnet.  

  I can't speak for 2.1R, but the problem is not in -stable or -current.

Tom