Author: JT Smith
“The xinetd port, versions prior to xinetd-2.3.0, contains a
potentially exploitable buffer overflow in the logging routines.
If xinetd is configured to log the userid of remote clients obtained
via the RFC1413 ident service, a remote user may be able to cause
xinetd to crash by returning a specially-crafted ident response. This
may also potentially execute arbitrary code as the user running
xinetd, normally root.” Full details at LinuxSecurity.com.
potentially exploitable buffer overflow in the logging routines.
If xinetd is configured to log the userid of remote clients obtained
via the RFC1413 ident service, a remote user may be able to cause
xinetd to crash by returning a specially-crafted ident response. This
may also potentially execute arbitrary code as the user running
xinetd, normally root.” Full details at LinuxSecurity.com.
Category:
- Linux
