aru Posted May 14, 2003 Report Share Posted May 14, 2003 MandrakeSoft Security Advisory MDKSA-2003:056 : xinetd May 14th, 2003 Updated xinetd packages fix DoS vulnerability A vulnerability was discovered in xinetd where memory was allocated and never freed if a connection was refused for any reason. Because of this bug, an attacker could crash the xinetd server, making unavailable all of the services it controls. Other flaws were also discovered that could cause incorrect operation in certain strange configurations. These issues have been fixed upstream in xinetd version 2.3.11 which are provided in this update. The released versions of Mandrake GNU/Linux affected are: 8.2 [*] 8.2/PPC [*] 9.0 [*] 9.1 [*] 9.1/PPC [*] Single Network Firewall 7.2 [*] Multi Network Firewall 8.2 [*] Corporate Server 2.1 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:056 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0211 Posted automatically by aru (mdksec2mub v0.0.5) Link to comment Share on other sites More sharing options...
Recommended Posts