|
|
Family: Debian Local Security Checks --> Category: infos
[DSA151] DSA-151-1 xinetd Vulnerability Scan
Vulnerability Scan Summary
DSA-151-1 xinetd
Detailed Explanation for this Vulnerability Test
Solar Designer found a vulnerability in xinetd, a replacement for the
BSD derived inetd. File descriptors for the signal pipe introduced in
version 2.3.4 are leaked into services started from xinetd. The
descriptors could be used to talk to xinetd resulting in crashing it
entirely. This is usually called a denial of service.
This problem has been fixed by the package maintainer in version
2.3.4-1.2 for the current stable distribution (woody) and in version
2.3.7-1 for the unstable distribution (sid). The old stable
distribution (potato) is not affected, since it doesn't contain the
signal pipe.
We recommend that you upgrade your xinetd packages.
Solution : http://www.debian.org/security/2002/dsa-151
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
