xfocus logo xfocus title
首页 焦点原创 安全文摘 安全工具 安全漏洞 焦点项目 焦点论坛 关于我们
English Version
 最近严重漏洞 
Microsoft RPC接口远程任意代码可执行漏洞
Cisco IOS接口不正确处理IPV4包远程拒绝服务漏洞
Microsoft Windows CreateFile API命名管道权限提升漏洞

Xinetd拒绝连接内存泄露远程拒绝服务漏洞


发布时间:2003-04-18
更新时间:2003-04-23
严重程度:
威胁程度:远程拒绝服务
错误类型:设计错误
利用方式:服务器模式

BUGTRAQ ID:7382
CVE(CAN) ID:CAN-2003-0211

受影响系统
RedHat xinetd-2.1.8.9pre14-6.i386.rpm
   + RedHat Linux 7.1
RedHat xinetd-2.1.8.9pre9-6.i386.rpm
   + RedHat Linux 7.0
RedHat xinetd-2.3.10-6.i386.rpm
   + RedHat Linux 9.0 i386
RedHat xinetd-2.3.3-1.i386.rpm
   + RedHat Linux 7.2 i386
RedHat xinetd-2.3.3-1.ia64.rpm
   + RedHat Linux 7.2 ia64
RedHat xinetd-2.3.4-0.8.i386.rpm
   + RedHat Linux 7.3
RedHat xinetd-2.3.7-2.i386.rpm
   + RedHat Linux 8.0
Xinetd Xinetd 2.1.8 .9pre15
   + Immunix Immunix OS 7.0
   + Immunix Immunix OS 7.0 beta
Xinetd Xinetd 2.1.8 .9pre14
   + MandrakeSoft Linux Mandrake 8.0
   + RedHat Linux 7.1
Xinetd Xinetd 2.1.8 .9pre13
Xinetd Xinetd 2.1.8 .9pre12
   + MandrakeSoft Linux Mandrake 7.2
   + MandrakeSoft Single Network Firewall 7.2
Xinetd Xinetd 2.3
   + Conectiva Linux 6.0
   + Conectiva Linux 7.0
   + Immunix Immunix OS 7.0
Xinetd Xinetd 2.3.1
Xinetd Xinetd 2.3.2
Xinetd Xinetd 2.3.3
Xinetd Xinetd 2.3.4
Xinetd Xinetd 2.3.5
   + Gentoo Linux 0.5
   + Gentoo Linux 0.7
Xinetd Xinetd 2.3.6
   + MandrakeSoft Corporate Server 2.1
   + MandrakeSoft Linux Mandrake 8.2
   + MandrakeSoft Linux Mandrake 8.2 ppc
Xinetd Xinetd 2.3.7
   + MandrakeSoft Linux Mandrake 9.0
Xinetd Xinetd 2.3.8
Xinetd Xinetd 2.3.9
Xinetd Xinetd 2.3.10
   + MandrakeSoft Linux Mandrake 9.1
   + MandrakeSoft Linux Mandrake 9.1 ppc
详细描述
Xinetd是流行的inetd替代程序。

当连接被拒绝时由于内存泄露会导致Xinetd崩溃。攻击者可以提交多个持续的连接给有此漏洞的Xinetd服务程序,可大量消耗系统资源而产生拒绝服务。

测试代码
while true; do telnet localhost chargen < /dev/null; done;

解决方案
补丁下载:

RedHat xinetd-2.1.8.9pre14-6.i386.rpm :

RedHat Upgrade xinetd-2.3.11-1.7x.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/xinetd-2.3.11-1.7x.i386.rpm

RedHat xinetd-2.3.3-1.i386.rpm :

RedHat Upgrade xinetd-2.3.11-1.7x.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/xinetd-2.3.11-1.7x.i386.rpm

RedHat xinetd-2.3.3-1.ia64.rpm :

RedHat Upgrade xinetd-2.3.11-1.7x.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/xinetd-2.3.11-1.7x.ia64.rpm

RedHat xinetd-2.3.4-0.8.i386.rpm :

RedHat Upgrade xinetd-2.3.11-1.7x.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/xinetd-2.3.11-1.7x.i386.rpm

RedHat xinetd-2.3.7-2.i386.rpm :

RedHat Upgrade xinetd-2.3.11-1.8.0.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/xinetd-2.3.11-1.8.0.i386.rpm

RedHat xinetd-2.3.10-6.i386.rpm :

RedHat Upgrade xinetd-2.3.11-1.9.0.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/xinetd-2.3.11-1.9.0.i386.rpm

Xinetd Xinetd 2.1.8 .9pre12:

Mandrake APAR xinetd-2.3.11-1.2mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Single Network Firewall 7.2

Mandrake APAR xinetd-ipv6-2.3.11-1.2mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Single Network Firewall 7.2

Xinetd Xinetd 2.3:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Xinetd Xinetd 2.3.1:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Xinetd Xinetd 2.3.2:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Xinetd Xinetd 2.3.3:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Xinetd Xinetd 2.3.4:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Xinetd Xinetd 2.3.5:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Xinetd Xinetd 2.3.6:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Mandrake APAR xinetd-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Multi Network Firewall 8.2

Mandrake APAR xinetd-ipv6-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Multi Network Firewall 8.2

Mandrake APAR xinetd-2.3.11-1.1mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 8.2/PPC

Mandrake APAR xinetd-ipv6-2.3.11-1.1mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 8.2/PPC

Mandrake APAR xinetd-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 8.2

Mandrake APAR xinetd-ipv6-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 8.2

Mandrake APAR xinetd-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1

Mandrake APAR xinetd-ipv6-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Corporate Server 2.1

Xinetd Xinetd 2.3.7:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Mandrake APAR xinetd-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0

Mandrake APAR xinetd-ipv6-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.0

Xinetd Xinetd 2.3.8:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Xinetd Xinetd 2.3.9:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Xinetd Xinetd 2.3.10:

Xinetd Upgrade xinetd-2.3.11.tar.gz
http://www.xinetd.org/xinetd-2.3.11.tar.gz

Mandrake APAR xinetd-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1

Mandrake APAR xinetd-ipv6-2.3.11-1.1mdk.i586.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1

Mandrake APAR xinetd-2.3.11-1.1mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1/PPC

Mandrake APAR xinetd-ipv6-2.3.11-1.1mdk.ppc.rpm
http://www.mandrakesecure.net/en/ftp.php
Mandrake Linux 9.1/PPC

相关信息
Steve Grubb <linux_4ever@yahoo.com>.
参考:http://www.securityfocus.com/advisories/5381
http://www.securityfocus.com/advisories/5375
http://www.securityfocus.com/archive/1/319088
http://rhn.redhat.com/errata/RHSA-2003-161.html
相关主页:http://www.xinetd.org/
Copyright © 1998-2003 XFOCUS Team. All Rights Reserved