[3932] in bugtraq
talkd problem
daemon@ATHENA.MIT.EDU (Theo de Raadt)
Mon Jan 20 23:02:56 1997
Date: Mon, 20 Jan 1997 19:46:28 -0700
Reply-To: Theo de Raadt <deraadt@theos.com>
From: Theo de Raadt <deraadt@theos.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
Please excuse me if I say a few more things about talkd. I was busy
driving from southern California to home when this happened... (almost
hit a fox at 1am in southern idaho... next time I'll aim better ;-)
Here's a commit log entry from the OpenBSD talkd sources:
revision 1.4
date: 1996/07/17 23:41:10; author: deraadt; state: Exp; lines: +10 -8
buffer overflow from dholland@hcs.HARVARD.EDU; could do with some cleanup?
Note the date.
Of course, whenever any commit happens in the OpenBSD source tree, for
security or other reasons, it gets mailed to the OpenBSD
source-changes mailing list. If I were a cracker sitting on the lists
5 months ago I'd probably have muttered to myself "talkd has a buffer
exploit. Hmm. Perhaps this is that new remote hole I've been looking
for now that the sendmail hole I was using is fixed. After all,
everyone uses straight BSD code".
I really like it when we get to fix a security hole 5 months before
everyone else. "Everyone else" should do something about that.
