So what part of this didn't you understand? If the exploit is three years old and is known, and a fix has been supplied, yet someone is leaving it open for their own purposes; what exactly is your problem?
According to Suns web site:
________________________________________________________________________________
Bulletin Number: #00192
Date: December 29, 1999
Cross-Ref: CERT CA-99-11
Title: CDE and OpenWindows
Revision History:
March 28, 2000: Updated patch information
March 3, 2000: Updated patch information
January 25, 2000: Updated patch information
December 29, 1999: Initial release