Описание
ELSA-2013-0499: xinetd security and bug fix update (LOW)
[2:2.3.14-38]
- CVE-2012-0862 xinetd: enables unintentional services over tcpmux port
- Resolves: #883653
[2:2.3.14-37]
- Fix changelog entry
- Related: #809271
[2:2.3.14-36]
- Fix: Service disabled due to bind failure
- Resolves: #809271
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
xinetd
2.3.14-38.el6
Oracle Linux i686
xinetd
2.3.14-38.el6
Связанные CVE
Связанные уязвимости
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
builtins.c in Xinetd before 2.3.15 does not check the service type whe ...
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.