• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Focus On: Vista
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns

• info
• discussion
• exploit
• solution
• references

Xinetd Buffer Overflow Vulnerability

Solution:
Version 2.1.8.9pre14, which ships with Red Hat Linux 7.1 is patched.

An update has been made available from Red Hat which reportedly corrects this issue. Though these updates were published in an advisory for another xinetd vulnerability (see BID 2826), the buffer overflow is reportedly eliminated as well.

Debian has also made updated packages available.


RedHat xinetd-2.1.8.9pre9-6.i386.rpm

• RedHat 7.0 i386 xinetd-2.1.8.9pre15-2.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/xinetd-2.1.8.9pre15-2.i386.rpm

RedHat xinetd-2.1.8.9pre14-6.i386.rpm

• RedHat 7.1 i386 xinetd-2.1.8.9pre15-2.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/xinetd-2.1.8.9pre15-2.i386.rpm

Xinetd Xinetd 2.1.8 .8pre3

• Debian 2.2 alpha xinetd_2.1.8.8.p3-1.1_alpha.deb
  http://security.debian.org/dists/stable/updates/main/binary-alpha/xine td_2.1.8.8.p3-1.1_alpha.deb


• Debian 2.2 arm xinetd_2.1.8.8.p3-1.1_arm.deb
  http://security.debian.org/dists/stable/updates/main/binary-arm/xinetd _2.1.8.8.p3-1.1_arm.deb


• Debian 2.2 i386 xinetd_2.1.8.8.p3-1.1_i386.deb
  http://security.debian.org/dists/stable/updates/main/binary-i386/xinet d_2.1.8.8.p3-1.1_i386.deb


• Debian 2.2 m68k xinetd_2.1.8.8.p3-1.1_m68k.deb
  http://security.debian.org/dists/stable/updates/main/binary-m68k/xinet d_2.1.8.8.p3-1.1_m68k.deb


• Debian 2.2 ppc xinetd_2.1.8.8.p3-1.1_powerpc.deb
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/xi netd_2.1.8.8.p3-1.1_powerpc.deb


• Debian 2.2 sparc xinetd_2.1.8.8.p3-1.1_sparc.deb
  http://security.debian.org/dists/stable/updates/main/binary-sparc/xine td_2.1.8.8.p3-1.1_sparc.deb

Xinetd Xinetd 2.1.8 .9pre10

• Mandrake 7.2 i586 xinetd-2.3.0-1.2mdk.i586.rpm
  ftp://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/7.2/RPMS/x inetd-2.3.0-1.2mdk.i586.rpm


• Mandrake snf7.2 i586 xinetd-2.3.0-1.2mdk.i586.rpm
  ftp://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/snf7.2/RPM S/xinetd-2.3.0-1.2mdk.i586.rpm

Xinetd Xinetd 2.1.8 .9pre11

• Conectiva 6.0 i386 xinetd-2.1.8.9pre15-2U60_2cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/xinetd-2.1.8.9pre15-2U60_ 2cl.i386.rpm


• Conectiva 6.0 i386 xinetd-devel-2.1.8.9pre15-2U60_2cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/xinetd-devel-2.1.8.9pre15 -2U60_2cl.i386.rpm


• Conectiva 6.0 i386 xinetd-devel-static-2.1.8.9pre15-2U60_2cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/xinetd-devel-static-2.1.8 .9pre15-2U60_2cl.i386.rpm

Xinetd Xinetd 2.1.8 .8

• EnGarde Secure Linux 1.0.1 i386 xinetd-2.1.8.9pre16-1.0.17.i386.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/xinetd-2.1. 8.9pre16-1.0.17.i386.rpm


• EnGarde Secure Linux 1.0.1 i686 xinetd-2.1.8.9pre16-1.0.17.i386.rpm
  ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i686/xinetd-2.1. 8.9pre16-1.0.17.i386.rpm

Xinetd Xinetd 2.1.8 .9pre3

• S.u.S.E. 6.3 alpha xinetd-2.1.8.8p3-95.alpha.rpm
  ftp://ftp.suse.com/pub/suse/axp/update/6.3/n1/xinetd-2.1.8.8p3-95.alph a.rpm


• S.u.S.E. 6.3 i386 xinetd-2.1.8.8p3-141.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/6.3/n1/xinetd-2.1.8.8p3-141.i3 86.rpm


• S.u.S.E. 6.4 alpha xinetd-2.1.8.8p3-95.alpha.rpm
  ftp://ftp.suse.com/pub/suse/axp/update/6.4/n1/xinetd-2.1.8.8p3-95.alph a.rpm


• S.u.S.E. 6.4 i386 xinetd-2.1.8.8p3-139.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/xinetd-2.1.8.8p3-139.i3 86.rpm


• S.u.S.E. 6.4 ppc xinetd-2.1.8.8p3-101.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/xinetd-2.1.8.8p3-101.ppc .rpm


• S.u.S.E. 7.0 alpha xinetd-2.1.8.8p3-96.alpha.rpm
  ftp://ftp.suse.com/pub/suse/axp/update/7.0/n1/xinetd-2.1.8.8p3-96.alph a.rpm


• S.u.S.E. 7.0 i386 xinetd-2.1.8.8p3-140.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/xinetd-2.1.8.8p3-140.i3 86.rpm


• S.u.S.E. 7.0 ppc xinetd-2.1.8.8p3-101.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/xinetd-2.1.8.8p3-101.ppc .rpm


• S.u.S.E. 7.1 alpha xinetd-2.1.8.8p3-96.alpha.rpm
  ftp://ftp.suse.com/pub/suse/axp/update/7.1/n2/xinetd-2.1.8.8p3-96.alph a.rpm


• S.u.S.E. 7.1 i386 xinetd-2.1.8.8p3-140.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.1/n2/xinetd-2.1.8.8p3-140.i3 86.rpm


• S.u.S.E. 7.1 ppc xinetd-2.1.8.8p3-102.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.1/n2/xinetd-2.1.8.8p3-102.ppc .rpm


• S.u.S.E. 7.1 sparc xinetd-2.1.8.8p3-89.sparc.rpm
  ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n2/xinetd-2.1.8.8p3-89.sp arc.rpm


• S.u.S.E. 7.2 i386 xinetd-2.1.8.8p3-139.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.2/n2/xinetd-2.1.8.8p3-139.i3 86.rpm

Xinetd Xinetd 2.1.8 .9pre14

• Mandrake 8.0 i586 xinetd-2.3.0-1.1mdk.i586.rpm
  ftp://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/8.0/RPMS/x inetd-2.3.0-1.1mdk.i586.rpm


• Mandrake 8.0 i586 xinetd-ipv6-2.3.0-1.1mdk.i586.rpm
  ftp://sunsite.ualberta.ca/pub/Mirror/Linux/mandrake/updates/8.0/RPMS/x inetd-ipv6-2.3.0-1.1mdk.i586.rpm