xinetd-2.3.14-39.AXS4

エラータID: AXSA:2014-006:01

Release date: 
Tuesday, March 4, 2014 - 13:24
Subject: 
xinetd-2.3.14-39.AXS4
Affected Channels: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote host and/or on time of access and can prevent denial-of-access attacks. Xinetd provides extensive logging, has no limit on the number of server arguments, and lets you bind specific services to specific IP addresses on your host machine. Each service has its own specific configuration file for Xinetd; the files are located in the /etc/xinetd.d directory.

Security issues fixed with this release:

• CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.

Solution: 

Update packages.

CVEs: 
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.


Additional Info: 

N/A

Download: 

SRPMS
  1. xinetd-2.3.14-39.AXS4.src.rpm
    MD5: 5aa8ef577f1a2e7dae657305c8400a82
    SHA-256: 6ccff6a94e9dfa0690863ee12a8128fa3cc98c721a4c277434ca1d2f6850498f
    Size: 339.38 kB

Asianux Server 4 for x86
  1. xinetd-2.3.14-39.AXS4.i686.rpm
    MD5: 172dcc20a6465f967fefaf5c9c65d19f
    SHA-256: 04df92832e8655852b4036a28d5c58a02bb0d7a8cf803756df54fb538848f8f7
    Size: 121.75 kB

Asianux Server 4 for x86_64
  1. xinetd-2.3.14-39.AXS4.x86_64.rpm
    MD5: 784f3bcbd9adda893511a644edce4a57
    SHA-256: d4814eb6de9ff0dc79df98b6d0cdca443d993fd4676cb2a2773a04f7c845bd72
    Size: 120.96 kB