CVE-2002-0871

Name of the Vulnerable Software and Affected Versions xinetd versions 2.3.4 through 2.3.11

Description The issue affects the xinetd package, allowing for potential disruption of protected information. Exploitation can be done remotely or locally, depending on the context, and may lead to a denial of service. Specifically, in version 2.3.4, xinetd leaks file descriptors for the signal pipe to services launched by xinetd, which those services could exploit to cause a denial of service via the pipe.

Recommendations For xinetd version 2.3.4, consider restricting access to services launched by xinetd to prevent potential denial of service attacks via the signal pipe. For xinetd versions 2.3.7 through 2.3.11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.