Mandriva Linux Security Advisory : xinetd (MDVSA-2013:248)
High Nessus Plugin ID 70384
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated xinetd package fixes security vulnerability :
It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitrary code with the privileges of the root user (CVE-2013-4342).
SolutionUpdate the affected xinetd and / or xinetd-simple-services packages.