This is from a recent CERT advisory. Any comments on whether this applies to
QNX 4.xx, and, if so, what is to be done?
There is a remotely exploitable buffer overflow in Telnet daemons
derived from BSD source code. During the processing of the Telnet
protocol options, the results of the “telrcv” function are stored in a
fixed-size buffer. It is assumed that the results are smaller than the
buffer and no bounds checking is performed.The vulnerability was discovered by TESO. An exploit for this
vulnerability has been publicly released; internal testing at CERT/CC
confirms this exploit works against at least one target system. For
more information, seehttp://www.team-teso.net/advisories/teso-advisory-011.tar.gz
snipftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.a
sc