Red Hat Product Errata RHSA-2003:161 - Security Advisory
Issued:
2003-05-22
Updated:
2003-05-22

RHSA-2003:161 - Security Advisory

Synopsis

xinetd security update

Type/Severity

Security Advisory: Important

Topic

Updated xinetd packages fix a security vulnerability and other bugs.

Description

Xinetd is a master server that is used to to accept service
connection requests and start the appropriate servers.

Because of a programming error, memory was allocated and never freed if a
connection was refused for any reason. An attacker could exploit this flaw
to crash the xinetd server, rendering all services it controls unavaliable.

In addition, other flaws in xinetd could cause incorrect operation in
certain unusual server configurations.

All users of xinetd are advised to update to the packages listed in this
erratum, which contain an upgrade to xinetd-2.3.11 and are not vulnerable
to these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Affected Products

  • Red Hat Enterprise Linux Server 2 ia64
  • Red Hat Enterprise Linux Server 2 i386
  • Red Hat Enterprise Linux Workstation 2 ia64
  • Red Hat Enterprise Linux Workstation 2 i386

Fixes

  • BZ - 77781 - xinetd stop serving the services because "Too many open files"
  • BZ - 78699 - xinetd reload kills all services if exactly nine services are enabled
  • BZ - 78903 - xinetd redirect does not work after update
  • BZ - 79085 - not updated via up2date
  • BZ - 79274 - Xinetd v 2.3.7-4.7x redirects fail to start
  • BZ - 84840 - tcpmux based services cannot be used
  • BZ - 85371 - xinetd regression - doesn't accept valid facility on log_type SYSLOG (e.g. mail)
  • BZ - 85530 - Typo in /etc/init.d/xinetd
  • BZ - 86297 - Server arg "-reuse" is meaningless in /etc/init.d/xinetd
  • BZ - 86304 - loadavg ability(max_load attribute) is not supported
  • BZ - 87863 - socket leak
  • BZ - 89074 - CAN-2003-0211 xinetd memory leak

References

(none)

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.