Slackware 8.1 / 9.0 / current : inetd DoS patched (SSA:2003-251-01)

High Nessus Plugin ID 18736


The remote Slackware host is missing a security update.


Upgraded inetd packages are available for Slackware 8.1, 9.0 and -current. These fix a previously hard-coded limit of 256 connections-per-minute, after which the given service is disabled for ten minutes. An attacker could use a quick burst of connections every ten minutes to effectively disable a service. Once upon a time, this was an intentional feature of inetd, but in today's world it has become a bug. Even having inetd look at the source IP and try to limit only the source of the attack would be problematic since TCP source addresses are so easily faked. So, the approach we have taken (borrowed from FreeBSD) is to disable this rate limiting 'feature' by default. It can be reenabled by providing a -R <rate> option on the command-line if desired, but for obvious reasons we do not recommend this. Any site running services through inetd that they would like protected from this simple DoS attack should upgrade to the new inetd package immediately.


Update the affected inetd package.

Plugin Details

Severity: High

ID: 18736

File Name: Slackware_SSA_2003-251-01.nasl

Version: $Revision: 1.11 $

Type: local

Published: 2005/07/13

Modified: 2013/06/01

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:inetd, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:8.1, cpe:/o:slackware:slackware_linux:9.0

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Patch Publication Date: 2003/09/08

Reference Information

SSA: 2003-251-01