Xinetd Buffer Overflow Vulnerability

The possibility for a buffer overflow condition exists in the xinetd daemon.

Xinetd provides the ability to log via identd the user-identities of clients connecting to specific services if the clients host supports it.

It may be possible for attackers to construct identd responses which exploit this subtle overflow condition.

If successfully exploited, an attacker would gain root privileges on the affected host. It may also be possible for attackers to crash xinetd, which would result in a denial of service for all services started by inetd (telnet, ftp, etc).


Privacy Statement
Copyright 2010, SecurityFocus