Xinetd Open File Descriptor Denial Of Service Vulnerability

Solution:
Gentoo Linux recommends that all users who are running sys-apps/xinetd-2.3.5 and earlier update their systems by running the following commands:

emerge rsync
emerge xinetd
emerge clean

MandrakeSoft has stated that Linux Mandrake 8.2 is affected. Fixes are available for i586 and PPC platforms. Further details are available in the referenced advisory.

FreeBSD has released upgrades. Users are advised to upgrade their Ports
collection and reinstall the affected port.

RedHat has released an advisory. Fixes are available for i386 and alpha platforms.

Conectiva has also released an advisory (CLSA-2003:790) including a fix to address this issue in CLEE 1.0.

HP has released bulletin HPSBTL0211-0076 to provide fixes for this issue.

The following fixes are available:


HP Secure OS software for Linux 1.0

Conectiva Linux Enterprise Edition 1.0

Xinetd Xinetd 2.3.4

Xinetd Xinetd 2.3.5

Xinetd Xinetd 2.3.6


 

Privacy Statement
Copyright 2010, SecurityFocus