[TUHS] Craig Partridge on BBN vs BSD TCP/IP
Erik E. Fair via TUHS
tuhs at tuhs.org
Wed Jan 21 19:41:01 AEST 2026
Two very commonly used (at the time) Unix network applications which use TCP urgent (out of band): telnet(1) and rlogin(1). There is mirrored code in their respective daemon counterparts, too.
The NetBSD source code for telnetd(8) contains a couple of mitigations for the off-by-one urgent data bug, some marked by /* XXX */ comments, in state.c, telnetd.c, and utility.c
See https://cvsweb.netbsd.org/bsdweb.cgi/src/libexec/telnetd/
Erik
More information about the TUHS
mailing list