Bug 44722 - Security: internal time service in inetd 0.16-7 causes TIME_WAITs in netstat report and can lead to denial of service
Summary: Security: internal time service in inetd 0.16-7 causes TIME_WAITs in netstat ...
Status: CLOSED DUPLICATE of bug 16729
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: inetd
Version: 6.2
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jeff Johnson
QA Contact:
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2001-06-15 18:23 UTC by Bishop Clark
Modified: 2008-05-01 15:38 UTC (History)
0 users

(edit)
Clone Of:
(edit)
Last Closed: 2001-06-15 18:24:29 UTC


Attachments (Terms of Use)
rpm and netstat output showing the bug in action on my server. (6.45 KB, text/plain)
2001-06-15 18:24 UTC, Bishop Clark
no flags Details

Description Bishop Clark 2001-06-15 18:23:04 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.7 [en] (Win98; U)

Description of problem:
When operating the time service on the new -7 release of inetd, my netstat still shows many lingering connections.  This bug was a hot topic 
for 
inetd.0.16-5 or so, and rumoured ot be fixed with -7.

[root@atlas /root]# rpm -q inetd redhat-release
inetd-0.16-7
redhat-release-6.2-1
[root@atlas /root]# netstat | grep time
tcp        0      5 client-151-198-10-:time ip-132147060.newje:2536 FIN_WAIT1   
tcp        0      0 client-151-198-10-:time ip-132147060.newje:2535 TIME_WAIT   
...... about 50 lines ....
tcp        0      0 client-151-198-10-:time ip-132147060.newje:2458 TIME_WAIT   

How reproducible:
Always

Steps to Reproduce:
1.install RH62
2.activate the time service
3.hit with a time client a few times.
	

Additional info:

this error may or may not occur with http://www.platypus.bc.ca/~bishop/software/inetdfix/inetd-0.16-6.i386.rpm .  It was used successfully to fix 
a problem in the official RHL62 version that resembled this new bug.

Comment 1 Bishop Clark 2001-06-15 18:24:26 UTC
Created attachment 21182 [details]
rpm and netstat output showing the bug in action on my server.

Comment 2 Jeff Johnson 2001-06-15 20:22:44 UTC

*** This bug has been marked as a duplicate of 16729 ***


Note You need to log in before you can comment on or make changes to this bug.