Test ID:	1.3.6.1.4.1.25623.1.0.50716
Category:	Mandrake Local Security Checks
Title:	Mandrake Security Advisory MDKSA-2003:056 (xinetd)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to xinetd announced via advisory MDKSA-2003:056. A vulnerability was discovered in xinetd where memory was allocated and never freed if a connection was refused for any reason. Because of this bug, an attacker could crash the xinetd server, making unavailable all of the services it controls. Other flaws were also discovered that could cause incorrect operation in certain strange configurations. These issues have been fixed upstream in xinetd version 2.3.11 which are provided in this update. Affected versions: 8.2, 9.0, 9.1, Corporate Server 2.1, Multi Network Firewall 8.2, Single Network Firewall 7.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2003:056 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0211 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0211 Bugtraq: 20030418 Xinetd 2.3.10 Memory Leaks (Google Search) http://marc.info/?l=bugtraq&m=105068673220605&w=2 Conectiva Linux advisory: CLA-2003:782 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000782 http://www.mandriva.com/security/advisories?name=MDKSA-2003:056 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A657 http://www.redhat.com/support/errata/RHSA-2003-160.html
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.