Red Hat Product Errata RHSA-2013:1409 - Security Advisory

Issued:: 2013-10-07
Updated:: 2013-10-07

RHSA-2013:1409 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: xinetd security update

Type/Severity

Security Advisory: Moderate

Topic

An updated xinetd package that fixes one security issue is now available
for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

The xinetd package provides a secure replacement for inetd, the Internet
services daemon. xinetd provides access control for all services based on
the address of the remote host and/or on time of access, and can prevent
denial-of-access attacks.

It was found that xinetd ignored the user and group configuration
directives for services running under the tcpmux-server service. This flaw
could cause the associated services to run as root. If there was a flaw in
such a service, a remote attacker could use it to execute arbitrary code
with the privileges of the root user. (CVE-2013-4342)

Red Hat would like to thank Thomas Swan of FedEx for reporting this issue.

All xinetd users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Affected Products

Red Hat Enterprise Linux Server 6 x86_64
Red Hat Enterprise Linux Server 6 i386
Red Hat Enterprise Linux Server 5 x86_64
Red Hat Enterprise Linux Server 5 ia64
Red Hat Enterprise Linux Server 5 i386
Red Hat Enterprise Linux Server - Extended Update Support 6.4 x86_64
Red Hat Enterprise Linux Server - Extended Update Support 6.4 i386
Red Hat Enterprise Linux Server - AUS 6.4 x86_64
Red Hat Enterprise Linux Workstation 6 x86_64
Red Hat Enterprise Linux Workstation 6 i386
Red Hat Enterprise Linux Workstation 5 x86_64
Red Hat Enterprise Linux Workstation 5 i386
Red Hat Enterprise Linux Desktop 6 x86_64
Red Hat Enterprise Linux Desktop 6 i386
Red Hat Enterprise Linux Desktop 5 x86_64
Red Hat Enterprise Linux Desktop 5 i386
Red Hat Enterprise Linux for IBM z Systems 6 s390x
Red Hat Enterprise Linux for IBM z Systems 5 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.4 s390x
Red Hat Enterprise Linux for Power, big endian 6 ppc64
Red Hat Enterprise Linux for Power, big endian 5 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.4 ppc64
Red Hat Enterprise Linux for Scientific Computing 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 x86_64
Red Hat Enterprise Linux Server from RHUI 6 i386
Red Hat Enterprise Linux Server from RHUI 5 x86_64
Red Hat Enterprise Linux Server from RHUI 5 i386
Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4 x86_64
Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4 i386
Red Hat Gluster Storage Server for On-premise 2.1 x86_64
Red Hat Storage for Public Cloud (via RHUI) 2.1 x86_64
Red Hat Enterprise Linux EUS Compute Node 6.4 x86_64

Fixes

BZ - 1006100 - CVE-2013-4342 xinetd: ignores user and group directives for tcpmux services

CVEs

CVE-2013-4342

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69
i386
xinetd-2.3.14-39.el6_4.i686.rpm	SHA-256: bbc47187d43e65c53a55fa034c58767da0a47536c8247632337a3303fe01fab6
xinetd-debuginfo-2.3.14-39.el6_4.i686.rpm	SHA-256: 2bf7a3021772fc3b09c3222e0942dbafb32b8878902a02ae5e227d039e08d8b2

Red Hat Enterprise Linux Server 5

SRPM
xinetd-2.3.14-20.el5_10.src.rpm	SHA-256: 0d03386f080cff278db667521ce0ee1167c48c53f1d85c02df07f33a702f50b5
x86_64
xinetd-2.3.14-20.el5_10.x86_64.rpm	SHA-256: 5b40acd163089ec7348004c5e1f28645e20485ad6beb122cce1213041e080627
xinetd-debuginfo-2.3.14-20.el5_10.x86_64.rpm	SHA-256: 8e5f0908300c6bf8c774e7d7f7419c5063a2e3613176c7b8ff25657f83352d02
ia64
xinetd-2.3.14-20.el5_10.ia64.rpm	SHA-256: 5a197dae21ec592568f62d8eacec05f7c6b9d71267be4f662b3a2998824dc80b
xinetd-debuginfo-2.3.14-20.el5_10.ia64.rpm	SHA-256: 52ade2bae9b9c0315495d7f72f08a09169311b674df01dfb3be506ecda84f156
i386
xinetd-2.3.14-20.el5_10.i386.rpm	SHA-256: bc9ad9677eb4c0851558641ecc691dcac8adc471f0fad30ef4576285816b7b07
xinetd-debuginfo-2.3.14-20.el5_10.i386.rpm	SHA-256: 472d1507afd560895ca1887e8c533f48785cb0f4ebe72e95ac6287015d209b1f

Red Hat Enterprise Linux Server - Extended Update Support 6.4

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69
i386
xinetd-2.3.14-39.el6_4.i686.rpm	SHA-256: bbc47187d43e65c53a55fa034c58767da0a47536c8247632337a3303fe01fab6
xinetd-debuginfo-2.3.14-39.el6_4.i686.rpm	SHA-256: 2bf7a3021772fc3b09c3222e0942dbafb32b8878902a02ae5e227d039e08d8b2

Red Hat Enterprise Linux Workstation 6

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69
i386
xinetd-2.3.14-39.el6_4.i686.rpm	SHA-256: bbc47187d43e65c53a55fa034c58767da0a47536c8247632337a3303fe01fab6
xinetd-debuginfo-2.3.14-39.el6_4.i686.rpm	SHA-256: 2bf7a3021772fc3b09c3222e0942dbafb32b8878902a02ae5e227d039e08d8b2

Red Hat Enterprise Linux Workstation 5

SRPM
xinetd-2.3.14-20.el5_10.src.rpm	SHA-256: 0d03386f080cff278db667521ce0ee1167c48c53f1d85c02df07f33a702f50b5
x86_64
xinetd-2.3.14-20.el5_10.x86_64.rpm	SHA-256: 5b40acd163089ec7348004c5e1f28645e20485ad6beb122cce1213041e080627
xinetd-debuginfo-2.3.14-20.el5_10.x86_64.rpm	SHA-256: 8e5f0908300c6bf8c774e7d7f7419c5063a2e3613176c7b8ff25657f83352d02
i386
xinetd-2.3.14-20.el5_10.i386.rpm	SHA-256: bc9ad9677eb4c0851558641ecc691dcac8adc471f0fad30ef4576285816b7b07
xinetd-debuginfo-2.3.14-20.el5_10.i386.rpm	SHA-256: 472d1507afd560895ca1887e8c533f48785cb0f4ebe72e95ac6287015d209b1f

Red Hat Enterprise Linux Desktop 6

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69
i386
xinetd-2.3.14-39.el6_4.i686.rpm	SHA-256: bbc47187d43e65c53a55fa034c58767da0a47536c8247632337a3303fe01fab6
xinetd-debuginfo-2.3.14-39.el6_4.i686.rpm	SHA-256: 2bf7a3021772fc3b09c3222e0942dbafb32b8878902a02ae5e227d039e08d8b2

Red Hat Enterprise Linux Desktop 5

SRPM
xinetd-2.3.14-20.el5_10.src.rpm	SHA-256: 0d03386f080cff278db667521ce0ee1167c48c53f1d85c02df07f33a702f50b5
x86_64
xinetd-2.3.14-20.el5_10.x86_64.rpm	SHA-256: 5b40acd163089ec7348004c5e1f28645e20485ad6beb122cce1213041e080627
xinetd-debuginfo-2.3.14-20.el5_10.x86_64.rpm	SHA-256: 8e5f0908300c6bf8c774e7d7f7419c5063a2e3613176c7b8ff25657f83352d02
i386
xinetd-2.3.14-20.el5_10.i386.rpm	SHA-256: bc9ad9677eb4c0851558641ecc691dcac8adc471f0fad30ef4576285816b7b07
xinetd-debuginfo-2.3.14-20.el5_10.i386.rpm	SHA-256: 472d1507afd560895ca1887e8c533f48785cb0f4ebe72e95ac6287015d209b1f

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
s390x
xinetd-2.3.14-39.el6_4.s390x.rpm	SHA-256: 5f6684c217102f2f4a5192516e2d531f48edb1ff2c0c09df09641ceafc2b42ea
xinetd-debuginfo-2.3.14-39.el6_4.s390x.rpm	SHA-256: 530c60625846cb2f32d84716461d9d017a0fe7147f39b07978389cdcc5db050c

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
xinetd-2.3.14-20.el5_10.src.rpm	SHA-256: 0d03386f080cff278db667521ce0ee1167c48c53f1d85c02df07f33a702f50b5
s390x
xinetd-2.3.14-20.el5_10.s390x.rpm	SHA-256: a4dc38ea36bd7138dea0cc6680173c018b864d72e2b3ce9b0ab83b366272d91e
xinetd-debuginfo-2.3.14-20.el5_10.s390x.rpm	SHA-256: 921dff5a699cc208c18db4372b9bb8cde7e3e9189c0f6f6c80fbd83bc8db74ed

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 6.4

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
s390x
xinetd-2.3.14-39.el6_4.s390x.rpm	SHA-256: 5f6684c217102f2f4a5192516e2d531f48edb1ff2c0c09df09641ceafc2b42ea
xinetd-debuginfo-2.3.14-39.el6_4.s390x.rpm	SHA-256: 530c60625846cb2f32d84716461d9d017a0fe7147f39b07978389cdcc5db050c

Red Hat Enterprise Linux for Power, big endian 6

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
ppc64
xinetd-2.3.14-39.el6_4.ppc64.rpm	SHA-256: df174c8244bc82d9ff1a55bf0f431187bbfabb3124d3b41e41c1cda10054b120
xinetd-debuginfo-2.3.14-39.el6_4.ppc64.rpm	SHA-256: c355f0f606eb6eb87d269a3ca7a0e68c1614071b0fbd8f54fc4b7941cbb55ef8

Red Hat Enterprise Linux for Power, big endian 5

SRPM
xinetd-2.3.14-20.el5_10.src.rpm	SHA-256: 0d03386f080cff278db667521ce0ee1167c48c53f1d85c02df07f33a702f50b5
ppc
xinetd-2.3.14-20.el5_10.ppc.rpm	SHA-256: 6a3bda6f458aec1bc86ada41ab626d5f514bec44bc85a1559592a4f743557eaf
xinetd-debuginfo-2.3.14-20.el5_10.ppc.rpm	SHA-256: 2f482959d873c232630d950db47e148c2280b577ae214da2698516cb10b15985

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 6.4

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
ppc64
xinetd-2.3.14-39.el6_4.ppc64.rpm	SHA-256: df174c8244bc82d9ff1a55bf0f431187bbfabb3124d3b41e41c1cda10054b120
xinetd-debuginfo-2.3.14-39.el6_4.ppc64.rpm	SHA-256: c355f0f606eb6eb87d269a3ca7a0e68c1614071b0fbd8f54fc4b7941cbb55ef8

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69

Red Hat Enterprise Linux Server from RHUI 6

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69
i386
xinetd-2.3.14-39.el6_4.i686.rpm	SHA-256: bbc47187d43e65c53a55fa034c58767da0a47536c8247632337a3303fe01fab6
xinetd-debuginfo-2.3.14-39.el6_4.i686.rpm	SHA-256: 2bf7a3021772fc3b09c3222e0942dbafb32b8878902a02ae5e227d039e08d8b2

Red Hat Enterprise Linux Server from RHUI 5

SRPM
xinetd-2.3.14-20.el5_10.src.rpm	SHA-256: 0d03386f080cff278db667521ce0ee1167c48c53f1d85c02df07f33a702f50b5
x86_64
xinetd-2.3.14-20.el5_10.x86_64.rpm	SHA-256: 5b40acd163089ec7348004c5e1f28645e20485ad6beb122cce1213041e080627
xinetd-debuginfo-2.3.14-20.el5_10.x86_64.rpm	SHA-256: 8e5f0908300c6bf8c774e7d7f7419c5063a2e3613176c7b8ff25657f83352d02
i386
xinetd-2.3.14-20.el5_10.i386.rpm	SHA-256: bc9ad9677eb4c0851558641ecc691dcac8adc471f0fad30ef4576285816b7b07
xinetd-debuginfo-2.3.14-20.el5_10.i386.rpm	SHA-256: 472d1507afd560895ca1887e8c533f48785cb0f4ebe72e95ac6287015d209b1f

Red Hat Enterprise Linux Server - Extended Update Support from RHUI 6.4

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69
i386
xinetd-2.3.14-39.el6_4.i686.rpm	SHA-256: bbc47187d43e65c53a55fa034c58767da0a47536c8247632337a3303fe01fab6
xinetd-debuginfo-2.3.14-39.el6_4.i686.rpm	SHA-256: 2bf7a3021772fc3b09c3222e0942dbafb32b8878902a02ae5e227d039e08d8b2

Red Hat Gluster Storage Server for On-premise 2.1

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69

Red Hat Storage for Public Cloud (via RHUI) 2.1

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69

Red Hat Enterprise Linux EUS Compute Node 6.4

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69

Red Hat Enterprise Linux Server - AUS 6.4

SRPM
xinetd-2.3.14-39.el6_4.src.rpm	SHA-256: 9056271e11c376876171769e5f68e520fb0da97337007f84f758281663b7a4e2
x86_64
xinetd-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 31cb7625b8e174e617312c7acfb28088eb16bd8657a4bd9379d34d82224d3bcd
xinetd-debuginfo-2.3.14-39.el6_4.x86_64.rpm	SHA-256: 3d8fc33b9dbe2f12b3b02834c38787215b47892df266fbc65a37941c100b0d69

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.