elmore
September 19th, 2003, 13:30
http://www.securityfocus.com/archive/1/338210/2003-09-16/2003-09-22/0

just posted to bugtraq

frisco
September 19th, 2003, 14:34
It's been patched fairly quickly:
http://lists.netsys.com/pipermail/full-disclosure/2003-September/010496.html