A vulnerability is present in AT&T TCP/IP Release 4.0 running on SVR4 systems for both the 386/486 and 3B2 RISC platforms. The problem is in the remote execution server /usr/etc/rexecd and a new version of rexecd is available from AT&T.
02fee450da25fbe11fdb72de1b775d87f9e709e83b8fdfeb383f57fec2f44076