|
|
Vulnerability Assessment & Network Security Forums |
|||||||||
|
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA151] DSA-151-1 xinetd Vulnerability Assessment Details
|
[DSA151] DSA-151-1 xinetd |
||
|
DSA-151-1 xinetd Detailed Explanation for this Vulnerability Assessment Solar Designer found a vulnerability in xinetd, a replacement for the BSD derived inetd. File descriptors for the signal pipe introduced in version 2.3.4 are leaked into services started from xinetd. The descriptors could be used to talk to xinetd resulting in crashing it entirely. This is usually called a denial of service. This problem has been fixed by the package maintainer in version 2.3.4-1.2 for the current stable distribution (woody) and in version 2.3.7-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't contain the signal pipe. We recommend that you upgrade your xinetd packages. Solution : http://www.debian.org/security/2002/dsa-151 Network Security Threat Level: High Networks Security ID: 5458 Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi |
||
|
Print Servers, Wired |
|
||
|
No Discussions have been posted on this vulnerability. |