From owner-freebsd-security  Wed Aug 21 16:02:28 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id QAA10199
          for security-outgoing; Wed, 21 Aug 1996 16:02:28 -0700 (PDT)
Received: from hcs.harvard.edu (hcs.harvard.edu [140.247.73.252])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA10192
          for <freebsd-security@freebsd.org>; Wed, 21 Aug 1996 16:02:25 -0700 (PDT)
Received: (from dholland@localhost) by hcs.harvard.edu (8.7.4/8.7.3) id TAA09928; Wed, 21 Aug 1996 19:02:16 -0400
From: David Holland <dholland@hcs.harvard.edu>
Message-Id: <199608212302.TAA09928@hcs.harvard.edu>
Subject: Re: rwhod buffer overflow
To: bugtraq@netspace.org, linux-security@tarsier.cv.NRAO.edu,
        freebsd-security@freebsd.org, deraadt@theos.com
Date: Wed, 21 Aug 1996 19:02:15 -0400 (EDT)
X-Mailer: ELM [version 2.4 PL22]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

 > Through examining the source this appears to be a problem in current
 > OpenBSD, NetBSD, FreeBSD, and Linux distributions.  

Yes - I only found the bug last week. I was waiting to post it until I
could track down an appropriate FreeBSD contact to get the fixes
applied. Ah well. 

The fixed Linux version will be released in NetKit-B-0.08 tonight. The
NetKit-B release has been delayed by considerations over the
RESOLV_HOST_CONF problem. :(

I know the fix has been applied to OpenBSD, and it's at least been
sent to NetBSD...

-- 
   - David A. Holland          | Number of words in the English language that
     dholland@hcs.harvard.edu  | exist because of typos or misreadings: 381