SSA-2003-251-01 : inetd DoS patched

NASLDB: SSA-2003-251-01 : inetd DoS patched

General

ID: 18736
Name: SSA-2003-251-01 : inetd DoS patched

Summary: Checks for updated package(s) in /var/log/packages

Credits: –

Classification

Risk: –

CVSS: –
CVSS Base Vector: –
CVSS Temporal Vector: –

Port: 0
Family: Slackware Local Security Checks
Type: Local

Description

Upgraded inetd packages are available for Slackware 8.1, 9.0 and –
-current. These fix a previously hard-coded limit of 256
connections-per-minute, after which the given service is disabled for
ten minutes. An attacker could use a quick burst of connections
every ten minutes to effectively disable a service. Once upon a time,
this was an intentional feature of inetd, but in today\‘s world it
has become a bug. Even having inetd look at the source IP and try to
limit only the source of the attack would be problematic since TCP
source addresses are so easily faked. So, the approach we have taken
(borrowed from FreeBSD) is to disable this rate limiting "feature" by
default. It can be reenabled by providing a -R <rate> option on the
command-line if desired, but for obvious reasons we do not recommend
this.

Any site running services through inetd that they would like
protected from this simple DoS attack should upgrade to the new inetd
package immediately.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: –
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2003/09/08
Plugin Release: 2005/07/13

Plugin

Version: 1.9
Filename: Slackware_SSA_2003-251-01.nasl
Filesize: 3845 bytes
MD5 Hash: 636b27b5a1b06af4475656aa982d34e6

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG