xinetd Connection Filtering Via Hostname Vulnerability

A vulnerability exists in versions of xinetd prior to versions 2.1.8.8p3 and 2.1.8.9pre6. If a hostname is specified to limit access to a service instead of an ip (for instance, specifying 'localhost' instead of 127.0.0.1), any host which attempts to connect to the service that does not have a reverse record will be able to connect, when they should actually be denied.


 

Privacy Statement
Copyright 2010, SecurityFocus