[linux-security] DoS attack against xinetd
- To: linux-security
- Subject: [linux-security] DoS attack against xinetd
- From: Martin Siegert <siegert@sfu.ca>
- Date: Sat, 31 May 2003 13:21:01 -0700
- User-Agent: Mutt/1.4.1i
Topic
=====
denial-of-service attack possible against xinetd
Problem Description
===================
Xinetd is a 'master server' that accepts incoming service connection
requests and starts the appropriate server for each one.
Because of a programming error, memory was allocated and never freed whenever a
connection was refused for any reason. An attacker who repeatedly makes
connections that xinetd refuses can exhaust its memory and crash the xinetd
server, rendering all services it controls unavailable.
In addition, other flaws in xinetd could cause incorrect operation in
certain unusual server configurations.
Affected Versions
=================
xinetd versions 2.3.10 and earlier
Workaround
==========
The most common services started out of xinetd are telnet and ftp, both of
which are deprecated because they send passwords in cleartext over the
network. If you switch from telnet/ftp to ssh/scp (and do not start any
other service from xinetd), you can disable or uninstall xinetd altogether.
Solution
========
Upgrade to xinetd 2.3.11 (or the patched package for your distribution):
RedHat 7.x
----------
rpm -Fvh xinetd-2.3.11-1.7x.i386.rpm
RedHat 8.0
----------
rpm -Fvh xinetd-2.3.11-1.8.0.i386.rpm
RedHat 9
--------
rpm -Fvh xinetd-2.3.11-1.9.0.i386.rpm
Mandrake 8.2, 9.0, 9.1
----------------------
rpm -Fvh xinetd-2.3.11-1.1mdk.i586.rpm xinetd-ipv6-2.3.11-1.1mdk.i586.rpm
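The two questions a practitioner wants answered before choosing between the
Workaround and the Solution are "is my xinetd in the affected range?" and
"what does xinetd still start on this host?". The script below is an added
example written for this page; it is not part of the advisory, of xinetd, or
of any distribution package. It assumes the version is a plain dotted "x.y.z"
string (for instance the output of `rpm -q --qf '%{VERSION}\n' xinetd` on the
distributions listed above) and that service definitions follow the
/etc/xinetd.d layout with an optional `disable` attribute. The service files
it audits are constructed samples, not configs from a real host.

```shell
#!/bin/sh
# Added audit helpers for the xinetd DoS advisory (example code, not from the posting).
# Assumptions: version strings are plain "x.y.z"; service files use the
# /etc/xinetd.d syntax, where a service is active unless it sets "disable = yes".

# xinetd_is_affected VERSION
# Returns 0 (true) when VERSION is 2.3.10 or earlier, 1 otherwise.
xinetd_is_affected() {
  v="$1"
  maj=${v%%.*}; rest=${v#*.}
  min=${rest%%.*}; rest=${rest#*.}
  pat=${rest%%.*}
  if [ "$maj" -lt 2 ]; then return 0
  elif [ "$maj" -gt 2 ]; then return 1
  elif [ "$min" -lt 3 ]; then return 0
  elif [ "$min" -gt 3 ]; then return 1
  elif [ "$pat" -le 10 ]; then return 0
  else return 1
  fi
}

# enabled_xinetd_services DIR
# Prints, one per line and sorted, the service names under DIR that xinetd
# would start. A file with no "disable" attribute counts as enabled, because
# xinetd's default for that attribute is "no". Comment lines are ignored.
enabled_xinetd_services() {
  dir="$1"
  for f in "$dir"/*; do
    [ -f "$f" ] || continue
    awk '
      /^[ \t]*service[ \t]+[^ \t]+/ { name = $2 }
      /^[ \t]*disable[ \t]*=/       { sub(/^[^=]*=[ \t]*/, ""); flag = tolower($1) }
      END { if (name != "" && flag != "yes") print name }
    ' "$f"
  done | sort
}

# make_sample_xinetd_d
# Creates a temporary directory of constructed sample service files
# (illustrative only, not copied from any real host) and prints its path.
make_sample_xinetd_d() {
  d=$(mktemp -d)
  cat > "$d/telnet" <<'EOF'
service telnet
{
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/sbin/in.telnetd
    disable     = no
}
EOF
  cat > "$d/wu-ftpd" <<'EOF'
service ftp
{
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/sbin/in.ftpd
    disable     = no
}
EOF
  cat > "$d/rsync" <<'EOF'
service rsync
{
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/bin/rsync
    server_args = --daemon
    disable     = yes
}
EOF
  cat > "$d/echo" <<'EOF'
# no "disable" attribute at all: xinetd treats this service as enabled
service echo
{
    type        = INTERNAL
    socket_type = stream
    wait        = no
}
EOF
  printf '%s\n' "$d"
}

# Stand-alone demonstration on the constructed sample and two version strings.
sample=$(make_sample_xinetd_d)
echo "services xinetd would still start from $sample:"
enabled_xinetd_services "$sample"
rm -rf "$sample"
for v in 2.3.10 2.3.11; do
  if xinetd_is_affected "$v"; then echo "$v: affected, upgrade"; else echo "$v: fixed"; fi
done
```

On a real host, point `enabled_xinetd_services` at /etc/xinetd.d and feed
`xinetd_is_affected` the installed version; an empty service list is the
condition under which the Workaround (disabling xinetd entirely) is safe, and
any service still listed means the upgrade is the only option.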