rpc.ttdbserverd on solaris 7

[strombrg () NIS ACS UCI EDU (Dan Stromberg)]

We recently had mass attempts at breaking into our systems through
rpc.ttdbserverd.

Some of the rpc.ttdbserverd's dumped core, including at least one on
solaris 7.
Some of our systems with noexec_user_stack and noexec_user_stack_log
reported attempts to execute code on the stack.  Needless to say, this
is worrisome.

The messages logged look like:

Nov 12 18:47:01 foo.bar.baz /usr/dt/bin/rpc.ttdbserverd[646]:
_Tt_file_system::findBestMountPoint -- max_match_entry is null,
aborting...
Nov 12 18:47:01 foo.bar.baz inetd[143]: /usr/dt/bin/rpc.ttdbserverd:
Segmentation Fault - core dumped
Nov 12 18:47:02 foo.bar.baz unix: rpc.ttdbserverd[1932] attempt to
execute code on stack by uid 0
Nov 12 18:47:02 foo.bar.baz inetd[143]: /usr/dt/bin/rpc.ttdbserverd:
Segmentation Fault - core dumped
Nov 12 18:47:03 foo.bar.baz unix: rpc.ttdbserverd[1934] attempt to
execute code on stack by uid 0
Nov 12 18:47:03 foo.bar.baz inetd[143]: /usr/dt/bin/rpc.ttdbserverd:
Segmentation Fault - core dumped

We looked at the situation a bit more, and discovered that there is an
rpc.ttdbserverd patch for Solaris 7 (107893-02), but it actually isn't
on the recommended patch list for some reason.

Does this patch fix the vulnerability I've described?

If yes, why would it not be recommended?

If not, is a patch forthcoming?

Does anyone have the exploit?