Описание
ELSA-2013-1302: xinetd security and bug fix update (LOW)
[2:2.3.14-19]
- Correctly backport patches that fix the descriptor leakage
- Related: #852274
[-2:2.3.14-18]
- Fix leaking file descriptors (#852274)
- Fix: Service disabled due to bind failure (#811000)
- CVE-2012-0862 xinetd: enables unintentional services over tcpmux port (#788795)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
xinetd
2.3.14-19.el5
Oracle Linux x86_64
xinetd
2.3.14-19.el5
Oracle Linux i386
xinetd
2.3.14-19.el5
Связанные CVE
Связанные уязвимости
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
builtins.c in Xinetd before 2.3.15 does not check the service type whe ...
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.