Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2012:155 (xinetd)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.72436

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2012:155 (xinetd)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to xinetd
announced via advisory MDVSA-2012:155.

A security issue was identified and fixed in xinetd:

builtins.c in Xinetd before 2.3.15 does not check the service type
when the tcpmux-server service is enabled, which exposes all enabled
services and allows remote attackers to bypass intended access
restrictions via a request to tcpmux port 1 (CVE-2012-0862).

The updated packages have been patched to correct this issue.

Affected: Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:155

Risk factor : High

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2012-0862
BugTraq ID: 53720
http://www.securityfocus.com/bid/53720
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081446.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081428.html
http://www.mandriva.com/security/advisories?name=MDVSA-2012:155
https://bugzilla.redhat.com/attachment.cgi?id=583311
https://bugzilla.redhat.com/show_bug.cgi?id=790940
http://www.openwall.com/lists/oss-security/2012/05/09/5
http://www.openwall.com/lists/oss-security/2012/05/10/2
http://www.osvdb.org/81774
RedHat Security Advisories: RHSA-2013:1302
http://rhn.redhat.com/errata/RHSA-2013-1302.html
http://www.securitytracker.com/id?1027050
XForce ISS Database: xinetd-tcpmux-weak-security(75965)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75965

Copyright Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.72436
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:155 (xinetd)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to xinetd announced via advisory MDVSA-2012:155. A security issue was identified and fixed in xinetd: builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1 (CVE-2012-0862). The updated packages have been patched to correct this issue. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:155 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2012-0862 BugTraq ID: 53720 http://www.securityfocus.com/bid/53720 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081446.html http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081428.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:155 https://bugzilla.redhat.com/attachment.cgi?id=583311 https://bugzilla.redhat.com/show_bug.cgi?id=790940 http://www.openwall.com/lists/oss-security/2012/05/09/5 http://www.openwall.com/lists/oss-security/2012/05/10/2 http://www.osvdb.org/81774 RedHat Security Advisories: RHSA-2013:1302 http://rhn.redhat.com/errata/RHSA-2013-1302.html http://www.securitytracker.com/id?1027050 XForce ISS Database: xinetd-tcpmux-weak-security(75965) https://exchange.xforce.ibmcloud.com/vulnerabilities/75965
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com