Content-Type: text/html
Red Hat Network has determined that the following advisory is applicable to one or more of the systems you have registered: Complete information about this errata can be found at the following location: https://rhn.redhat.com/network/errata/errata_details.pxt?eid=1250 Security Advisory - RHSA-2002:196-19 ------------------------------------------------------------------------------- Summary: Updated xinetd packages fix denial of service vulnerability Xinetd contains a denial-of-service (DoS) vulnerability. UPDATE 2002-12-02: Updated packages are available to fix issues encountered with the previous errata packages. Description: Xinetd is a secure replacement for inetd, the Internet services daemon. Versions of Xinetd prior to 2.3.7 leak file descriptors for the signal pipe to services that are launched by xinetd. This could allow an attacker to execute a DoS attack via the pipe. The Common Vulnerabilities and Exposures project has assigned the name CAN-2002-0871 to this issue. Red Hat Linux 7.3 shipped with xinetd version 2.3.4 and is therefore vulnerable to this issue. All users are advised to upgrade to the errata packages which fix the vulnerability. Thanks to Solar Designer for discovering this issue. References: http://www.xinetd.org/ ------------------------------------------------------------------------------- -------------- Taking Action -------------- You may address the issues outlined in this advisory in two ways: - select your server name by clicking on its name from the list available at the following location, and then schedule an errata update for it: https://rhn.redhat.com/network/systemlist/system_list.pxt - run the Update Agent on each affected server. ---------------------------------- Changing Notification Preferences ---------------------------------- To enable/disable your Errata Alert preferences globally please log in to RHN and navigate from "Your RHN" / "Your Account" to the "Preferences" tab. URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt You can also enable/disable notification on a per system basis by selecting an individual system from the "Systems List". From the individual system view click the "Details" tab. ----------------- Affected Systems ----------------- According to our records, this errata may apply to one or more of the systems that you've profiled with Red Hat Network. To see precisely which systems are affected, please go to: https://rhn.redhat.com/network/errata/systems_affected.pxt?eid=1250 The Red Hat Network Team This message is being sent by Red Hat Network Alert to: RHN user login: stare Email address on file:If you lost your RHN password, you can use the information above to retrieve it by email from the following address: https://rhn.redhat.com/forgot_password.pxt To cancel these notices, go to: https://rhn.redhat.com/oo.pxt?uid=1241646&oid=1801556