Linked by Thom Holwerda on Tue 1st Nov 2005 08:38 UTC, submitted by Spock

Thread beginning with comment 54448
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
"talkd is not enabled by default."
That's where you would be wrong. In version 2.8 and earlier, it was enabled by default. It was only AFTER the vulnerability occured that they disabled it by default, in the 2.8 install: http://www.openbsd.org/plus28.html
They even disabled fingerd by default in 2.8 as well. They were trying to cover their asses so they could keep making that bogus claim.
RE[7]: ONE remote hole?
by Soulbender on Thu 3rd Nov 2005 02:10
in reply to "RE[5]: ONE remote hole?"
Member since:
2005-08-18
"And that's what the talkd vulnerability is, a daemon that is enabled by default."
talkd is not enabled by default.