COMMAND
	    kernel
SYSTEMS AFFECTED
	    NetBSD-current from 19980603 to 19990208
PROBLEM
	    Following is based  on NetBSD Security  Advisory.  In  the version
	    of netstat  between the  two dates  above, a  security hole exists
	    which  will  allow  non-root  users  to  examine any kernel memory
	    location.  The  code which was  added to allow  printing of kernel
	    protocol  control  blocks  does  not  have  strict  checks to make
	    certain  the  memory  being  display  is a protocol control block.
	    Also,  since  the  block  contains  information  like TCP sequence
	    numbers, users should  generally not be  allowed to examine  these
	    blocks.   Thanks  go to Michael Graff  and Charles Hannum for  the
	    discovery and resolution of this bug.
SOLUTION
	    NetBSD-current users  should update  to a  source tree  newer than
	    19990208, or apply this patch and rebuild netstat:
	
	        ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/patches/19990208-netstat
	
	    If this action cannot be taken easily, netstat can be disabled for
	    non-root users:
	
	        chmod 555 /usr/bin/netstat