Date: 19 Jul 2001 19:09:32 +0200 From: Assar Westerlund <assar@FreeBSD.ORG> To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> Cc: Mike Tancsa <mike@sentex.net>, Kris Kennaway <kris@obsecurity.org>, security@FreeBSD.ORG Subject: Re: FreeBSD remote root exploit ? Message-ID: <5lhew826cz.fsf@assaris.sics.se> In-Reply-To: Cy Schubert - ITSD Open Systems Group's message of "Wed, 18 Jul 2001 23:37:42 -0700" References: <200107190637.f6J6bnf66559@cwsys.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> writes: > The advisory says that OpenBSD-current invulnerable. Looking at the > OpenBSD source tree, they've replaced BSD telnetd with heimdal telnetd. Depends on what you mean by OpenBSD-current. itojun just fixed it, see libexec/telnetd/global.c:1.6 > Build with kerberos5 enabled might be a temp workaround. Afraid not. That builds the one in secure. /assar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5lhew826cz.fsf>