[2342] in bugtraq
Re: Telnet vulnerability: shared libraries
daemon@ATHENA.MIT.EDU (Todd C. Miller)
Fri Nov 3 16:28:47 1995
Date: Thu, 2 Nov 1995 14:40:33 -0700
Reply-To: Todd.Miller@cs.colorado.edu
From: "Todd C. Miller" <Todd.Miller@cs.colorado.edu>
X-To: "or some subset of this lists I sent do,
but probably not all of them" <hartmans@mit.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: Your message of "Tue, 31 Oct 1995 18:57:39 EST."
<199510312357.SAA15081@tertius.mit.edu>
Seems like all DEC needs to do as a work-around is to compile
login with the -no_library_replacement flag. This should
keep _RLD_* from being consulted. Our DEC OSF source is
still in lawyer limbo so I cannot test this myslef :-(.
- todd
