Description of Problem: The most recent version of xinetd on the updates.redhat.com and mirror sites listens on a high number port (24452 I believe). When I connected to this port using telnet, I found a shell with root access priveleges. The loopback address was allowed to connect without any user or password. All other addresses that I tried were immediately disconnected, but I only tried a few. Version-Release number of selected component (if applicable): xinetd-2.3.3-1 How Reproducible: Install the package Steps to Reproduce: 1. Install the package ftp://updates.redhat.com/7.0/en/os/i386/xinetd-2.3.3-1.i386.rpm 2. start xinetd (/etc/rc.d/init.d/xinetd start) 3. connect to the high number port it listens on (telnet localhost 24452) Actual Results: Root priveleges to anyone with shell access (and maybe more) Expected Results: A security update that improves security Additional Information: I found the same package in the 7.1 directory of the updates and didn't look at the 7.2 directory or any others.
Your system has been compromised in another way - take a look at http://www.rvglug.org/pipermail/rvglug/2001-February/000436.html The errata does not ship with this shell (nor does any other version). A reinstall is recommended, followed by an immediate application of all current errata.