Red Hat Bugzilla – Bug 64237
Errata update has backdoor
Last modified: 2007-03-26 23:53:05 EDT
Description of Problem:
The most recent version of xinetd on the updates.redhat.com and mirror sites
listens on a high number port (24452 I believe). When I connected to this
port using telnet, I found a shell with root access priveleges. The loopback
address was allowed to connect without any user or password. All other
addresses that I tried were immediately disconnected, but I only tried a few.
Version-Release number of selected component (if applicable):
Install the package
Steps to Reproduce:
1. Install the package
2. start xinetd (/etc/rc.d/init.d/xinetd start)
3. connect to the high number port it listens on (telnet localhost 24452)
Root priveleges to anyone with shell access (and maybe more)
A security update that improves security
I found the same package in the 7.1 directory of the updates and didn't look
at the 7.2 directory or any others.
Your system has been compromised in another way - take a look at
The errata does not ship with this shell (nor does any other version).
A reinstall is recommended, followed by an immediate application of all current