From owner-freebsd-security  Wed Mar 13 11:40:46 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id LAA18621
          for security-outgoing; Wed, 13 Mar 1996 11:40:46 -0800 (PST)
Received: from nervosa.com (root@nervosa.com [192.187.228.86])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id LAA18612
          for <freebsd-security@FreeBSD.ORG>; Wed, 13 Mar 1996 11:40:39 -0800 (PST)
Received: from nervosa.com (coredump@onyx.nervosa.com [10.0.0.1]) by nervosa.com (8.7.5/nervosa.com.2) with SMTP id LAA29745; Wed, 13 Mar 1996 11:34:27 -0800 (PST)
Date: Wed, 13 Mar 1996 11:34:25 -0800 (PST)
From: invalid opcode <coredump@nervosa.com>
To: cschuber@orca.gov.bc.ca
cc: Thomas J Balfe <tbalfe@tioga.com>, freebsd-security@FreeBSD.ORG
Subject: Re: CA-95:14 
In-Reply-To: <199603131642.IAA19150@passer.osg.gov.bc.ca>
Message-ID: <Pine.BSF.3.91.960313113225.29346A-100000@nervosa.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 13 Mar 1996, Cy Schubert - BCSC Open Systems Group wrote:

> Actually, if you strings /usr/libexec/telnetd | grep LD and it doesn't appear to 
> be present you have the problem.  Another test would be to perform the 

Yep, because in the fixed versions, there are some strncmp()'s on the 
various LD_* strings.

> As far as I could tell in January when I got my 2.1R CDROM, FreeBSD does not 
> have the problem.  2.0.5R, however, does.
> Cy Schubert                    OV/VM:  BCSC02(CSCHUBER)

I looked in the CVS repository, this problem is fixed in 2.1.0-RELEASE. 
As an added note, it was fixed in the 3.0 version of Slackware Linux also.

== Chris Layne =============================================================
== coredump@nervosa.com ================ http://www.nervosa.com/~coredump ==