Package name
xinetd
Date
2013-10-10
Advisory ID
MDVSA-2013:248
Affected versions
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problem description

Updated xinetd package fixes security vulnerability:

It was found that xinetd ignored the user and group configuration
directives for services running under the tcpmux-server service. This
flaw could cause the associated services to run as root. If there was
a flaw in such a service, a remote attacker could use it to execute
arbitrary code with the privileges of the root user (CVE-2013-4342).

Updated packages

MES5 i586

 7976fe68c2fbf71a2df62a39f2128fe2  mes5/i586/xinetd-2.3.14-9.2mdvmes5.2.i586.rpm
 5cf2234e84b17e0a281523cab4a5c7d5  mes5/i586/xinetd-simple-services-2.3.14-9.2mdvmes5.2.i586.rpm 
 b6b4f88ddde0c620305f561e0763e062  mes5/SRPMS/xinetd-2.3.14-9.2mdvmes5.2.src.rpm

MBS1 x86_64

 71c6525d8fd04f94fcf6bfc9fefd5ead  mbs1/x86_64/xinetd-2.3.15-1.1.mbs1.x86_64.rpm
 386144202dbe1cd6f4a3cab2cbce77c1  mbs1/x86_64/xinetd-simple-services-2.3.15-1.1.mbs1.x86_64.rpm 
 d36307cca323809a2af5903761acccd2  mbs1/SRPMS/xinetd-2.3.15-1.1.mbs1.src.rpm

MES5 x86_64

 56b91a23fb44b3464e1d7efa852211a1  mes5/x86_64/xinetd-2.3.14-9.2mdvmes5.2.x86_64.rpm
 81cfdaeae19dc5c65572147fc054c092  mes5/x86_64/xinetd-simple-services-2.3.14-9.2mdvmes5.2.x86_64.rpm 
 b6b4f88ddde0c620305f561e0763e062  mes5/SRPMS/xinetd-2.3.14-9.2mdvmes5.2.src.rpm

References