From owner-freebsd-security  Wed Mar 13 08:45:08 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id IAA08073
          for security-outgoing; Wed, 13 Mar 1996 08:45:08 -0800 (PST)
Received: from passer.osg.gov.bc.ca (passer.osg.gov.bc.ca [142.32.110.29])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id IAA08052
          for <freebsd-security@freebsd.org>; Wed, 13 Mar 1996 08:44:47 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by passer.osg.gov.bc.ca (8.7.4/8.6.10) with SMTP id IAA19150; Wed, 13 Mar 1996 08:42:30 -0800 (PST)
From: Cy Schubert - BCSC Open Systems Group <cschuber@uumail.gov.bc.ca>
Message-Id: <199603131642.IAA19150@passer.osg.gov.bc.ca>
X-Authentication-Warning: passer.osg.gov.bc.ca: Host localhost [127.0.0.1] didn't use HELO protocol
Reply-to: cschuber@orca.gov.bc.ca
X-Mailer: DXmail
To: invalid opcode <coredump@nervosa.com>
cc: Thomas J Balfe <tbalfe@tioga.com>, freebsd-security@freebsd.org
Subject: Re: CA-95:14  
In-reply-to: Your message of "Tue, 12 Mar 96 15:37:03 PST."
             <Pine.BSF.3.91.960312153623.9840C-100000@nervosa.com> 
Date: Wed, 13 Mar 96 08:42:29 -0800
X-Mts: smtp
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> On Tue, 12 Mar 1996, Thomas J Balfe wrote:
> 
> > Does 2.1R have the RFC 1408 or RFC 1572 telnetd_environment_vulnerability 
> > bug worked out of it, or do I have to apply a patch? Are there any other 
> > things that I should apply to 2.1R? Thanks.
> > Thomas J Balfe
> 
> As far as I can tell (strings /usr/bin/telnet | grep -i LD), it doesn't 
> appear to be present.

Actually, if you strings /usr/libexec/telnetd | grep LD and it doesn't appear to 
be present you have the problem.  Another test would be to perform the 
following:

telnet
telnet> environ define LD_LIBRARY_PATH=/foobar
telnet> environ export LD_LIBRARY_PATH
telnet> open localhost

..... log in .....

$ printenv | grep LD_LIBRARY_PATH or echo $LD_LIBRARY_PATH

If LD_LIBRARY_PATH is /foobar or if you get a loader message indicating it 
cannot find /foobar you have the problem.

As far as I could tell in January when I got my 2.1R CDROM, FreeBSD does not 
have the problem.  2.0.5R, however, does.


Regards,                       Phone:  (604)389-3827
Cy Schubert                    OV/VM:  BCSC02(CSCHUBER)
Open Systems Support          BITNET:  CSCHUBER@BCSC02.BITNET
BC Systems Corp.            Internet:  cschuber@uumail.gov.bc.ca
                                       cschuber@bcsc02.gov.bc.ca

		"Quit spooling around, JES do it."