From owner-cvs-libexec  Mon Aug 15 13:06:32 1994
Return-Path: cvs-libexec-owner
Received: (from root@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id NAA20189 for cvs-libexec-outgoing; Mon, 15 Aug 1994 13:06:32 -0700
Received: (from guido@localhost) by freefall.cdrom.com (8.6.8/8.6.6) id WAA20173; Mon, 15 Aug 1994 22:06:18 +0200
Date: Mon, 15 Aug 1994 22:06:18 +0200
From: Guido van Rooij <guido>
Message-Id: <199408152006.WAA20173@freefall.cdrom.com>
To: ache, adam, alm, ats, bde, csgr, cvs-libexec, davidg, dyson, guido, hsu,
        jkh, jvh, karl, martin, nate, paul, phk, proven, pst, rgrimes, rich,
        sean, sef, smace, sos, wollman
Subject: cvs commit: src/libexec/telnetd sys_term.c
Sender: cvs-libexec-owner@freefall.cdrom.com
Precedence: bulk

guido       94/08/15 22:06:16

  Modified:    libexec/telnetd sys_term.c
  Log:
  Plug already known security hole. (Brought over from 1.1.5):
  Fixed security problem with telnetd, which allowed
  telnet -l -hcert.org localhost
  to change the user's host in utmp.
  Thanks to Matthew Green <mrgreen@@mame.mu.oz.au> for showing me this one.
  
  Reviewed by:	karl, guido
  Submitted by:	mrgreen@@mame.mu.oz.au