----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, December 03, 2002 4:38 AM
Subject: [RHSA-2002:196-19] Updated xinetd packages fix denial of service vulnerability

> ---------------------------------------------------------------------
>                    Red Hat, Inc. Red Hat Security Advisory
>
> Synopsis:          Updated xinetd packages fix denial of service vulnerability
> Advisory ID:       RHSA-2002:196-19
> Issue date:        2002-09-06
> Updated on:        2002-12-02
> Product:           Red Hat Linux
> Keywords:          xinetd file descriptor leak flaw:dos-release
> Cross references:
> Obsoletes:
> CVE Names:         CAN-2002-0871
> ---------------------------------------------------------------------
>
> 1. Topic:
>
> Xinetd contains a denial-of-service (DoS) vulnerability.
>
> UPDATE 2002-12-02: Updated packages are available to fix issues encountered
> with the previous errata packages.
>
> 2. Relevant releases/architectures:
>
> Red Hat Linux 7.0 - i386, alpha
> Red Hat Linux 7.1 - i386, alpha, ia64
> Red Hat Linux 7.2 - i386, ia64
> Red Hat Linux 7.3 - i386
> Red Hat Linux 8.0 - i386
>
> 3. Problem description:
>
> Xinetd is a secure replacement for inetd, the Internet services daemon.
>
> Versions of Xinetd prior to 2.3.7 leak file descriptors for the signal
> pipe to services that are launched by xinetd. This could allow an attacker
> to execute a DoS attack via the pipe. The Common Vulnerabilities and
> Exposures project has assigned the name CAN-2002-0871 to this issue.
>
> Red Hat Linux 7.3 shipped with xinetd version 2.3.4 and is therefore
> vulnerable to this issue. All users are advised to upgrade to the errata
> packages which fix the vulnerability.
>
> Thanks to Solar Designer for discovering this issue.
>
> 4. Solution:
>
> Before applying this update, make sure all previously released errata
> relevant to your system have been applied.
>
> To update all RPMs for your particular architecture, run:
>
> rpm -Fvh [filenames]
>
> where [filenames] is a list of the RPMs you wish to upgrade. Only those
> RPMs which are currently installed will be updated. Those RPMs which are
> not installed but included in the list will not be updated. Note that you
> can also use wildcards (*.rpm) if your current directory *only* contains the
> desired RPMs.
>
> Please note that this update is also available via Red Hat Network. Many
> people find this an easier way to apply updates. To use Red Hat Network,
> launch the Red Hat Update Agent with the following command:
>
> up2date
>
> This will start an interactive process that will result in the appropriate
> RPMs being upgraded on your system.
>
> 5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):
>
> 74696 - Broken tcp_wrappers support
> 76146 - xinetd 2.3.9 causes hanging CLOSE_WAIT connections
> 77781 - xinetd stop serving the services because "Too many open files"
>
> 6. RPMs required:
>
> Red Hat Linux 7.0:
>
> SRPMS:
> ftp://updates.redhat.com/7.0/en/os/SRPMS/xinetd-2.3.7-4.7x.src.rpm
>
> alpha:
> ftp://updates.redhat.com/7.0/en/os/alpha/xinetd-2.3.7-4.7x.alpha.rpm
>
> i386:
> ftp://updates.redhat.com/7.0/en/os/i386/xinetd-2.3.7-4.7x.i386.rpm
>
> Red Hat Linux 7.1:
>
> SRPMS:
> ftp://updates.redhat.com/7.1/en/os/SRPMS/xinetd-2.3.7-4.7x.src.rpm
>
> alpha:
> ftp://updates.redhat.com/7.1/en/os/alpha/xinetd-2.3.7-4.7x.alpha.rpm
>
> i386:
> ftp://updates.redhat.com/7.1/en/os/i386/xinetd-2.3.7-4.7x.i386.rpm
>
> ia64:
> ftp://updates.redhat.com/7.1/en/os/ia64/xinetd-2.3.7-4.7x.ia64.rpm
>
> Red Hat Linux 7.2:
>
> SRPMS:
> ftp://updates.redhat.com/7.2/en/os/SRPMS/xinetd-2.3.7-4.7x.src.rpm
>
> i386:
> ftp://updates.redhat.com/7.2/en/os/i386/xinetd-2.3.7-4.7x.i386.rpm
>
> ia64:
> ftp://updates.redhat.com/7.2/en/os/ia64/xinetd-2.3.7-4.7x.ia64.rpm
>
> Red Hat Linux 7.3:
>
> SRPMS:
> ftp://updates.redhat.com/7.3/en/os/SRPMS/xinetd-2.3.7-4.7x.src.rpm
>
> i386:
> ftp://updates.redhat.com/7.3/en/os/i386/xinetd-2.3.7-4.7x.i386.rpm
>
> Red Hat Linux 8.0:
>
> SRPMS:
> ftp://updates.redhat.com/8.0/en/os/SRPMS/xinetd-2.3.7-5.src.rpm
>
> i386:
> ftp://updates.redhat.com/8.0/en/os/i386/xinetd-2.3.7-5.i386.rpm
>
> 7. Verification:
>
> MD5 sum                          Package Name
> --------------------------------------------------------------------------
> 38b5f218a384a7ba7cdc0168e2d5f892 7.0/en/os/SRPMS/xinetd-2.3.7-4.7x.src.rpm
> ee9c54046762e1b3aa53d66da927f9ce 7.0/en/os/alpha/xinetd-2.3.7-4.7x.alpha.rpm
> b4d37fb0fda2fa6606befda4cbd7d458 7.0/en/os/i386/xinetd-2.3.7-4.7x.i386.rpm
> 38b5f218a384a7ba7cdc0168e2d5f892 7.1/en/os/SRPMS/xinetd-2.3.7-4.7x.src.rpm
> ee9c54046762e1b3aa53d66da927f9ce 7.1/en/os/alpha/xinetd-2.3.7-4.7x.alpha.rpm
> b4d37fb0fda2fa6606befda4cbd7d458 7.1/en/os/i386/xinetd-2.3.7-4.7x.i386.rpm
> 569ae16839959297a167bf29e1fb5293 7.1/en/os/ia64/xinetd-2.3.7-4.7x.ia64.rpm
> 38b5f218a384a7ba7cdc0168e2d5f892 7.2/en/os/SRPMS/xinetd-2.3.7-4.7x.src.rpm
> b4d37fb0fda2fa6606befda4cbd7d458 7.2/en/os/i386/xinetd-2.3.7-4.7x.i386.rpm
> 569ae16839959297a167bf29e1fb5293 7.2/en/os/ia64/xinetd-2.3.7-4.7x.ia64.rpm
> 38b5f218a384a7ba7cdc0168e2d5f892 7.3/en/os/SRPMS/xinetd-2.3.7-4.7x.src.rpm
> b4d37fb0fda2fa6606befda4cbd7d458 7.3/en/os/i386/xinetd-2.3.7-4.7x.i386.rpm
> 07c7f1cedf7b9a20bad65815765d4ff2 8.0/en/os/SRPMS/xinetd-2.3.7-5.src.rpm
> 26e6f6faec33503f3538a4ac80c82ce2 8.0/en/os/i386/xinetd-2.3.7-5.i386.rpm
>
> These packages are GPG signed by Red Hat, Inc. for security. Our key
> is available at http://www.redhat.com/about/contact/pgpkey.html
>
> You can verify each package with the following command:
>
> rpm --checksig -v <filename>
>
> If you only wish to verify that each package has not been corrupted or
> tampered with, examine only the md5sum with the following command:
>
> md5sum <filename>
>
> 8. References:
>
> http://www.xinetd.org/
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0871
>
> 9. Contact:
>
> The Red Hat security contact is <[EMAIL PROTECTED]>. More contact
> details at http://www.redhat.com/solutions/security/news/contact.html
>
> Copyright(c) 2000, 2001, 2002 Red Hat, Inc.
> _

Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
Fully Searchable Archives With Friendly Web Interface at http://marc.free.net.ph
To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
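The descriptor-leak mechanism behind the advisory above, as an added C example that is neither Red Hat's nor xinetd's code: a parent creates a pipe (standing in for the daemon's signal pipe), execs a child "service" through /bin/sh, and the child reports whether the inherited write end is still usable. Marking the descriptor FD_CLOEXEC before the fork is the usual defensive fix; whether xinetd 2.3.7 fixed it exactly this way is an assumption, and the function name is my own.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 if the write end of a pipe created by the parent is still open
 * in an exec'd child (the leak), 0 if the child cannot use it, -1 on error.
 * With mark_cloexec set, the descriptor is flagged FD_CLOEXEC before the
 * fork, so exec() closes it in the child: the assumed fix. */
int pipe_leaks_to_child(int mark_cloexec)
{
    int fds[2], status, flags;
    char fdstr[16];

    if (pipe(fds) == -1)
        return -1;
    if (mark_cloexec) {
        flags = fcntl(fds[1], F_GETFD);
        if (flags == -1 || fcntl(fds[1], F_SETFD, flags | FD_CLOEXEC) == -1)
            return -1;
    }
    pid_t pid = fork();
    if (pid == -1)
        return -1;
    if (pid == 0) {
        /* Child: silence the shell's error text, then ask /bin/sh to dup
         * the inherited descriptor number: exit 0 if open, nonzero if not. */
        int devnull = open("/dev/null", O_WRONLY);
        if (devnull != -1) { dup2(devnull, STDERR_FILENO); close(devnull); }
        snprintf(fdstr, sizeof fdstr, "%d", fds[1]);
        execl("/bin/sh", "sh", "-c", ": >&$1", "sh", fdstr, (char *)NULL);
        _exit(127);                             /* exec itself failed */
    }
    close(fds[0]);
    close(fds[1]);
    if (waitpid(pid, &status, 0) == -1 || !WIFEXITED(status) ||
        WEXITSTATUS(status) == 127)
        return -1;
    return WEXITSTATUS(status) == 0 ? 1 : 0;
}

int main(void)
{
    printf("plain fork+exec: leaks=%d\n", pipe_leaks_to_child(0));
    printf("with FD_CLOEXEC: leaks=%d\n", pipe_leaks_to_child(1));
    return 0;
}
```

The same check, run against a live daemon, is `ls -l /proc/<service pid>/fd` on Linux: a pipe descriptor that the service never asked for is the leak the advisory describes.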
