http://linuxtoday.com/stories/20245.html is Caldera Systems' security advisory about a telnetd buffer overflow that is causing grief in pre-0.16 netkit-based builds. The massive buffer cleanup mentioned in netkit-telnet's changelog would also hint at this. Caldera seems to use the same base files, so if we can assume the problem is real there, it's most probably real here too. I checked the srpm files you're using and there is no mention of this, nor any patches. Thus, I fear all builds up to 6.1 are affected.
Escalating; this _must_ be fixed now:

Date: Wed, 18 Jul 2001 22:15:10 +0200
From: Sebastian <scut.de>
To: bugtraq
Subject: multiple vendor telnet daemon vulnerability

Systems Affected
===================

System                                  | vulnerable   | exploitable *
----------------------------------------+--------------+------------------
BSDI 4.x default                        | yes          | yes
FreeBSD [2345].x default                | yes          | yes
IRIX 6.5                                | yes          | no
Linux netkit-telnetd < 0.14             | yes          | ?
Linux netkit-telnetd >= 0.14            | no           |
NetBSD 1.x default                      | yes          | yes
OpenBSD 2.x                             | yes          | ?
OpenBSD current                         | no           |
Solaris 2.x sparc                       | yes          | ?
<almost any other vendor's telnetd>     | yes          | ?
----------------------------------------+--------------+------------------

* = From our analysis and conclusions, which may not be correct or we may have overseen things. Do not rely on this.
*** This bug has been marked as a duplicate of 50335 ***