Vulnerability Development mailing list archives

Vulnerability in xinetd (Found)


From: ml <ml () BLAS NET>
Date: Fri, 16 Mar 2001 21:33:39 +0100


Here is what I found.
At the time of the pseudo-intrusion, there was effectively a host name in the
filter and the current version is 2.1.88p1.



xinetd Connection Filtering Via Hostname Vulnerability

RELEASED: June 04, 2000
AFFECTS: xinetd 2.1.87, 88, 89 almost all versions
REFERENCE: http://www.securityfocus.com/bid/1381

If a hostname is specified to limit access to a service instead of an IP (for
instance, specifying 'localhost' instead of 127.0.0.1), any host which attempts
to connect to the service that does not have a reverse record will be able to
connect, when they should actually be denied. SAFER Upgrading to version
2.1.8.8p3 or 2.1.8.9pre6, or later, will eliminate this vulnerability.


Thanks,
and sorry for the disturbance of the mailing-list,

db
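
The advisory quoted in the message above concerns access filters written as hostnames rather than IP addresses. The following Python script is an added example, not part of the original post or of xinetd: it scans configuration text for name-based entries so they can be replaced with addresses. It assumes the filters are set with xinetd's `only_from` and `no_access` attributes; the sample configuration and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample configuration (not taken from the original post).
SAMPLE_CONF = """\
service ftp
{
    only_from = localhost 192.168.1.0/24
}
service telnet
{
    only_from  = 127.0.0.1 10.1.{2,3}
    no_access += badhost.example.net
}
"""

ACCESS_ATTRS = ("only_from", "no_access")
NUMERIC_FORM = re.compile(r"^[0-9.,{}/]+$")  # dotted, factorized or masked forms

def is_numeric_address(token):
    """True if the token is an IP address, network or factorized numeric form."""
    try:
        ipaddress.ip_network(token, strict=False)
        return True
    except ValueError:
        return bool(NUMERIC_FORM.match(token))

def find_hostname_filters(conf_text):
    """Return (section, attribute, name) for each name-based access entry."""
    findings, section, pending = [], None, None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line == "{":
            section, pending = pending, None
        elif line == "}":
            section = None
        elif section is None:
            pending = line.split()[-1]  # "service ftp" -> "ftp"
        else:
            # "=" and "+=" add entries; "-=" removes them and is skipped.
            m = re.match(r"(\w+)\s*\+?=\s*(.*)", line)
            if m and m.group(1) in ACCESS_ATTRS:
                findings += [(section, m.group(1), t) for t in m.group(2).split()
                             if not is_numeric_address(t)]
    return findings

if __name__ == "__main__":
    for section, attr, name in find_hostname_filters(SAMPLE_CONF):
        print(f"{section}: {attr} uses name '{name}'; replace with an IP address")
```

Names that refer to entries in a networks file are flagged as well, since the script only distinguishes numeric forms from everything else.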
