Mandriva Linux Security Advisory : xinetd (MDVSA-2012:155-1)
Medium Nessus Plugin ID 62403
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA security issue was identified and fixed in xinetd :
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1 (CVE-2012-0862).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected xinetd and / or xinetd-simple-services packages.