[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[linux-security] xinetd security audit

To: linux-security
Subject: [linux-security] xinetd security audit
From: Martin Siegert <siegert@sfu.ca>
Date: Mon, 10 Sep 2001 16:26:42 -0700
User-Agent: Mutt/1.2.5i

Topic
=====
xinetd security audit

Problem Description
===================
A security audit of the xinetd program has found a wealth of security
problems in the source code of xinetd resulting in a patch of more
than 100 kB. This patch has been incorporated in version 2.3.3 of
xinetd. Although currently there are (to my knowledge) no new known exploits
against xinetd upgrading to this new version of xinetd is highly
recommended.

Affected Systems
================
systems that use xinetd

Not Affected
============
systems that use inetd

Solution
========
upgrade to xinetd, version 2.3.3

RedHat 7.x
----------
rpm -Fvh xinetd-2.3.3-1.i386.rpm

Mandrake 7.2
------------
rpm -Fvh xinetd-2.3.0-5.2mdk.i586.rpm

Mandrake 8.0
------------
rpm -Fvh xinetd-2.3.0-5.1mdk.i586.rpm xinetd-ipv6-2.3.0-5.1mdk.i586.rpm

Prev by Date: [linux-security] fetchmail remote vulnerability
Next by Date: [linux-security] updated version of check-rpms
Prev by thread: [linux-security] updated version of check-rpms
Next by thread: [linux-security] fetchmail remote vulnerability
Index(es):
- Date
- Thread