
[linux-security] DoS attack against xinetd
Topic
=====
denial-of-service attack possible against xinetd

Problem Description
===================
Xinetd is a 'master server' (a super-server) that listens for incoming service
connection requests and starts the appropriate server for each one.

Because of a programming error, memory was allocated and never freed whenever a
connection was refused for any reason (for example because an access-control
rule rejected the client).  An attacker can exploit this leak by repeatedly
triggering refused connections until xinetd exhausts memory and crashes,
rendering all services it controls unavailable.

In addition, other flaws in xinetd could cause incorrect operation in
certain unusual server configurations.

Affected Versions
=================
xinetd versions 2.3.10 and earlier

Workaround
==========
The most common services started out of xinetd are telnet and ftp, both of
which are deprecated because they send passwords in cleartext over the
network. If you switch from telnet/ftp to ssh/scp (and do not start any
other service from xinetd), you can disable or uninstall xinetd altogether.
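Before taking that route you need to know which services the host's xinetd
would still start, and whether the installed version is in the affected range
at all. The following script is an added example and not part of the advisory:
it parses a directory of xinetd.d-style service files to list the services that
are not explicitly disabled (xinetd's default is enabled), and compares a
dotted version string against the 2.3.10-and-earlier range. The sample service
files it builds are constructed for the demonstration; the function names and
the temp-directory layout are assumptions, not anything from xinetd itself.

```shell
#!/bin/sh
# Added example, not part of the advisory or of xinetd: audit a host before
# disabling xinetd under the workaround above. The service files created in
# make_sample_xinetd_d are constructed for the demo; on a real host point
# xinetd_enabled_services at /etc/xinetd.d instead.

# Return 0 if the dotted version $1 is in the affected range (2.3.10 or
# earlier), 1 otherwise. A trailing package release such as "-1.7x" is
# ignored; a missing field counts as 0, so "2.3" is treated as 2.3.0.
xinetd_is_affected() {
    v=$1
    maj=${v%%.*}
    rest=${v#"$maj"}; rest=${rest#.}
    min=${rest%%.*}
    rest=${rest#"$min"}; rest=${rest#.}
    pat=${rest%%.*}
    # Keep only the leading digits of each field ("11-1" -> "11").
    maj=${maj%%[!0-9]*}; min=${min%%[!0-9]*}; pat=${pat%%[!0-9]*}
    maj=${maj:-0}; min=${min:-0}; pat=${pat:-0}
    if [ "$maj" -lt 2 ]; then return 0; fi
    if [ "$maj" -gt 2 ]; then return 1; fi
    if [ "$min" -lt 3 ]; then return 0; fi
    if [ "$min" -gt 3 ]; then return 1; fi
    if [ "$pat" -le 10 ]; then return 0; fi
    return 1
}

# Print one line per service under directory $1 that xinetd would start:
# every service file that lacks a "disable = yes" attribute. The name comes
# from the "service <name>" line, falling back to the file name.
xinetd_enabled_services() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        # Strip comments first so a commented-out "disable = yes" does not count.
        if sed 's/#.*//' "$f" | grep -Eiq '^[[:space:]]*disable[[:space:]]*=[[:space:]]*yes'; then
            continue
        fi
        name=$(sed -n 's/^[[:space:]]*service[[:space:]][[:space:]]*\([^[:space:]]*\).*/\1/p' "$f" | head -n 1)
        [ -n "$name" ] || name=$(basename "$f")
        printf '%s\n' "$name"
    done
}

# Build a constructed xinetd.d look-alike in a temp directory and print its
# path: telnet explicitly enabled, ftp with no disable attribute (enabled by
# default), finger explicitly disabled.
make_sample_xinetd_d() {
    d=$(mktemp -d)
    cat > "$d/telnet" <<'EOF'
# default: on
service telnet
{
    disable = no
    socket_type = stream
    wait = no
    user = root
    server = /usr/sbin/in.telnetd
}
EOF
    cat > "$d/ftp" <<'EOF'
service ftp
{
    socket_type = stream
    wait = no
    user = root
    server = /usr/sbin/in.ftpd
}
EOF
    cat > "$d/finger" <<'EOF'
service finger
{
    disable = yes
    socket_type = stream
    wait = no
    user = nobody
    server = /usr/sbin/in.fingerd
}
EOF
    printf '%s\n' "$d"
}

# Demo run against the constructed directory.
sample=$(make_sample_xinetd_d)
echo "services xinetd would start:"
xinetd_enabled_services "$sample"
for ver in 2.3.10 2.3.11; do
    if xinetd_is_affected "$ver"; then
        echo "$ver: affected, upgrade"
    else
        echo "$ver: not affected"
    fi
done
rm -rf "$sample"
```

On the RPM-based distributions the advisory names, the installed version can
be fed to xinetd_is_affected from `rpm -q --qf '%{VERSION}\n' xinetd`. An empty
service list from /etc/xinetd.d means nothing depends on xinetd and it can be
disabled; a non-empty list is the set of services you must move elsewhere (or
keep, and apply the upgrade instead).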

Solution
========
Upgrade to xinetd 2.3.11 (or the patched package for your distribution).
Note that rpm -F (freshen) only upgrades a package that is already installed;
confirm the result afterwards with rpm -q xinetd.

RedHat 7.x
----------
rpm -Fvh xinetd-2.3.11-1.7x.i386.rpm

RedHat 8.0
----------
rpm -Fvh xinetd-2.3.11-1.8.0.i386.rpm

RedHat 9
--------
rpm -Fvh xinetd-2.3.11-1.9.0.i386.rpm

Mandrake 8.2, 9.0, 9.1
----------------------
rpm -Fvh xinetd-2.3.11-1.1mdk.i586.rpm xinetd-ipv6-2.3.11-1.1mdk.i586.rpm