Vulnerabilities > CVE-2002-0871 - Denial Of Service vulnerability in Xinetd Open File Descriptor
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2002-053.NASL description A vulnerability was discovered by Solar Designer in xinetd. File descriptors for the signal pipe that were introduced in version 2.3.4 are leaked into services started by xinetd, which can then be used to talk to xinetd, resulting in a crash of xinetd. last seen 2020-06-01 modified 2020-06-02 plugin id 61918 published 2012-09-06 reporter This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/61918 title Mandrake Linux Security Advisory : xinetd (MDKSA-2002:053) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2002:053. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(61918); script_version("1.5"); script_cvs_date("Date: 2019/08/02 13:32:46"); script_cve_id("CVE-2002-0871"); script_xref(name:"MDKSA", value:"2002:053"); script_name(english:"Mandrake Linux Security Advisory : xinetd (MDKSA-2002:053)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A vulnerability was discovered by Solar Designer in xinetd. File descriptors for the signal pipe that were introduced in version 2.3.4 are leaked into services started by xinetd, which can then be used to talk to xinetd, resulting in a crash of xinetd." ); script_set_attribute( attribute:"solution", value:"Update the affected xinetd and / or xinetd-ipv6 packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:xinetd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:xinetd-ipv6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.2"); script_set_attribute(attribute:"patch_publication_date", value:"2002/08/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2012/09/06"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"xinetd-2.3.7-1.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"xinetd-ipv6-2.3.7-1.1mdk", yank:"mdk")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get()); else security_note(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-151.NASL description Solar Designer found a vulnerability in xinetd, a replacement for the BSD derived inetd. File descriptors for the signal pipe introduced in version 2.3.4 are leaked into services started from xinetd. The descriptors could be used to talk to xinetd resulting in crashing it entirely. This is usually called a denial of service. This problem has been fixed by the package maintainer in version 2.3.4-1.2 for the current stable distribution (woody) and in version 2.3.7-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn last seen 2020-06-01 modified 2020-06-02 plugin id 14988 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14988 title Debian DSA-151-1 : xinetd - pipe exposure code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-151. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(14988); script_version("1.17"); script_cvs_date("Date: 2019/08/02 13:32:17"); script_cve_id("CVE-2002-0871"); script_bugtraq_id(5458); script_xref(name:"DSA", value:"151"); script_name(english:"Debian DSA-151-1 : xinetd - pipe exposure"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Solar Designer found a vulnerability in xinetd, a replacement for the BSD derived inetd. File descriptors for the signal pipe introduced in version 2.3.4 are leaked into services started from xinetd. The descriptors could be used to talk to xinetd resulting in crashing it entirely. This is usually called a denial of service. This problem has been fixed by the package maintainer in version 2.3.4-1.2 for the current stable distribution (woody) and in version 2.3.7-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't contain the signal pipe." ); script_set_attribute( attribute:"see_also", value:"http://www.debian.org/security/2002/dsa-151" ); script_set_attribute(attribute:"solution", value:"Upgrade the xinetd packages."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:xinetd"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0"); script_set_attribute(attribute:"patch_publication_date", value:"2002/08/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/09/29"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"3.0", prefix:"xinetd", reference:"2.3.4-1.2")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:deb_report_get()); else security_note(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Redhat
advisories |
|
References
- http://marc.info/?l=bugtraq&m=102935383506155&w=2
- http://www.iss.net/security_center/static/9844.php
- http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-053.php
- http://www.redhat.com/support/errata/RHSA-2002-196.html
- http://www.redhat.com/support/errata/RHSA-2003-228.html
- http://www.securityfocus.com/bid/5458
- https://www.debian.org/security/2002/dsa-151