|
|
|
 |
Vulnerability Note VU#880624Compaq Tru64 Unix inetd vulnerable to DoSOverviewThe inetd service on Compaq's Tru64 UNIX is vulnerable to a denial-of-service.I. DescriptionThe inetd service on Compaq's Tru64 UNIX V5.1 (all patch levels) is vulnerable to a denial-of-service attack in which inetd will stop accepting new connections. In turn, this would disrupt the normal operation of any service that is started from inetd. Quoting from Compaq's advisory:A potential security vulnerability has been discovered for Tru64 UNIX V5.1, where under certain circumstances, there is a problem with the inetd Internet services daemon that can cause it to stop accepting connections. This causes all services handled by inetd to be inaccessible including ftp, telnet, rsh, rlogin, rexec, pop3, imap, radius, etc.. An intruder may be able to exploit this vulnerability by interrupting other services. Again quoting from Compaq:
II. ImpactAn intruder may be able to interrupt services started from inetd, such as ftp, telnet, rsh, etc.III. SolutionApply the latest aggregate patch kits for Compaq Ttru64 Unix. If that is not possible, obtain a patch through your normal Compaq Services support channel using the reference SSRT0708U.
ReferencesOur thanks to Compaq Computer Corporation for the information contained in this bulletin. This document was written by Shawn V. Hernan.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||