MDVSA-2012:155-1 -- Mandriva xinetdID: oval:org.secpod.oval:def:302963 | Date: (C)2012-11-26 (M)2023-12-07 |
Class: PATCH | Family: unix |
A security issue was identified and fixed in xinetd: builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1 . The updated packages have been patched to correct this issue.
Platform: |
Mandriva Linux 2011.0 |