drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in xinetd
| Name: |
Ausführen beliebiger Kommandos in xinetd |
|
| ID: |
FEDORA-2013-18243 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 19 |
|
| Datum: |
Sa, 12. Oktober 2013, 09:32 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342 |
|
| Applikationen: |
xinetd |
|
Originalnachricht |
Name : xinetd
Product : Fedora 19
Version : 2.3.15
Release : 8.fc19
URL : http://www.xinetd.org
Summary : A secure replacement for inetd
Description :
Xinetd is a secure replacement for inetd, the Internet services
daemon. Xinetd provides access control for all services based on the
address of the remote host and/or on time of access and can prevent
denial-of-access attacks. Xinetd provides extensive logging, has no
limit on the number of server arguments, and lets you bind specific
services to specific IP addresses on your host machine. Each service
has its own specific configuration file for Xinetd; the files are
located in the /etc/xinetd.d directory.
-------------------------------------------------------------------------------
-
Update Information:
CVE-2013-4342 xinetd: ignores user and group directives for tcpmux services
-------------------------------------------------------------------------------
-
ChangeLog:
* Thu Oct 3 2013 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-8
- Honor user and group directives
- Resolves: CVE-2013-4342
* Sun Aug 4 2013 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 2:2.3.15-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jun 26 2013 Jan Synáček <jsynacek@redhat.com> - 2:2.3.15-6
- Use full path to server when checking selinux context
- Resolves: #977873
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1006100 - CVE-2013-4342 xinetd: ignores user and group directives
for tcpmux services
https://bugzilla.redhat.com/show_bug.cgi?id=1006100
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update xinetd' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
