漏洞信息详情
xinetd存在多个安全漏洞
- CNNVD编号:CNNVD-200108-148
- 危害等级: 高危
- CVE编号: CVE-2001-1389
- 漏洞类型: 未知
- 发布时间: 2001-08-29
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: xinetd
- 漏洞来源:
漏洞简介
CVE(CAN) ID: CAN-2001-1389 Xinetd 是Inernet Service daemon(inetd)的一个新的实现,它已经成为一些较新版本的 Unix操作系统基本软件的一部分。 它的2.3以及以前版本中存在很多安全问题。其中一些问题可能导致远程拒绝服务或者攻 击者远程获取root权限。 上述问题是Solar Designer在一次代码安全审计中发现的。
漏洞公告
1. Linux-Mandrake ( http://www.linux-mandrake.com/en/security/)为此发布了一份安全公告 : MDKSA-2001:076 - xinetd update 补丁下载 - ________________________________________________________________________ Linux-Mandrake 7.2: a2173e85bed3b3173e040b242864dcc0 7.2/RPMS/xinetd-2.3.0-5.2mdk.i586.rpm 5b8663eeeefae36206b0003d61b67206 7.2/SRPMS/xinetd-2.3.0-5.2mdk.src.rpm Mandrake Linux 8.0: 2f559b028fe14780460c37de5a521bce 8.0/RPMS/xinetd-2.3.0-5.1mdk.i586.rpm 81766c2104aa7e1f197dac9dce1c09af 8.0/RPMS/xinetd-ipv6-2.3.0-5.1mdk.i586.rpm 3f18d89cce258d2a71cc57c84068c8ce 8.0/SRPMS/xinetd-2.3.0-5.1mdk.src.rpm Mandrake Linux 8.0 (PPC): 3826a60dc427f880056622df0ef086db ppc/8.0/RPMS/xinetd-2.3.0-5.1mdk.ppc.rpm 223c5c1566adacb46d95de1a24842c19 ppc/8.0/RPMS/xinetd-ipv6-2.3.0-5.1mdk.ppc.rpm 3e1b86780d9f59088754cbca5ff55a08 ppc/8.0/SRPMS/xinetd-2.3.0-5.1mdk.src.rpm Single Network Firewall 7.2: a2173e85bed3b3173e040b242864dcc0 snf7.2/RPMS/xinetd-2.3.0-5.2mdk.i586.rpm 5b8663eeeefae36206b0003d61b67206 snf7.2/SRPMS/xinetd-2.3.0-5.2mdk.src.rpm ________________________________________________________________________ 2. Immunix ( http://immunix.org/)为此发布了一份安全公告 : IMNX-2001-70-033-01 - ImmunixOS 7.0 update for xinetd 补丁下载 - ________________________________________________________________________ Precompiled binary packages for Immunix 7.0 are available at: http://download.immunix.org/ImmunixOS/7.0/updates/RPMS/xinetd-2.3.3-1_imnx.i386.rpm Source package for Immunix 7.0 is available at: http://download.immunix.org/ImmunixOS/7.0/updates/SRPMS/xinetd-2.3.3-1_imnx.src.rpm Immunix OS 7.0 md5sums: 654c1aa4337fbb5752e80d173b186266 RPMS/xinetd-2.3.3-1_imnx.i386.rpm 2e992bf61ab5439f18e3740a502dc050 SRPMS/xinetd-2.3.3-1_imnx.src.rpm ________________________________________________________________________ 3. CONECTIVA LINUX ( http://www.conectiva.com)为此发布了一份安全公告 : [CLA-2001:416] Conectiva Linux Security Announcement - xinetd 补丁下载 - ________________________________________________________________________ ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/xinetd-2.3.2-1U60_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/xinetd-2.3.2-1U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/xinetd-devel-2.3.2-1U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/xinetd-devel-static-2.3.2-1U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/xinetd-2.3.2-1U70_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/xinetd-2.3.2-1U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/xinetd-devel-static-2.3.2-1U70_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/xinetd-devel-2.3.2-1U70_1cl.i386.rpm ________________________________________________________________________
参考网址
来源: REDHAT 名称: RHSA-2001:109 链接:http://rhn.redhat.com/errata/RHSA-2001-109.HTML 来源: MANDRAKE 名称: MDKSA-2001:076 链接:http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-076.php3 来源: IMMUNIX 名称: IMNX-2001-70-033-01 链接:http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-033-01 来源: BID 名称: 3257 链接:http://www.securityfocus.com/bid/3257 来源: BUGTRAQ 名称: 20010830 xinetd 2.3.0 audit status 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=99913751525583&w=2
受影响实体
- Xinetd Xinetd:2.1.8.9_pre3
- Xinetd Xinetd:2.1.8.9_pre5
- Xinetd Xinetd:2.1.8.9_pre7
- Xinetd Xinetd:2.1.8.9_pre8
- Xinetd Xinetd:2.1.8.9_pre9
补丁
暂无
评论