[slackware-security]  inetd DoS patched (SSA:2003-251-01)


Upgraded inetd packages are available for Slackware 8.1, 9.0 and
- -current.  These fix a previously hard-coded limit of 256
connections-per-minute, after which the given service is disabled
for ten minutes.  An attacker could use a quick burst of
connections every ten minutes to effectively disable a service.

Once upon a time, this was an intentional feature of inetd, but in
today's world it has become a bug.  Even having inetd look at the
source IP and try to limit only the source of the attack would be
problematic since TCP source addresses are so easily faked.  So,
the approach we have taken (borrowed from FreeBSD) is to disable
this rate limiting "feature" by default.  It can be reenabled by
providing a -R  option on the command-line if desired, but
for obvious reasons we do not recommend this.

Any site running services through inetd that they would like
protected from this simple DoS attack should upgrade to the new
inetd package immediately.


Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
patches/packages/inetd-1.79s-i386-2.tgz:  Disable inetd's (stupid)
  connection limiting code which can actually cause a DoS rather than
  preventing it.  The default connections-per-minute is now unlimited.
  -R 0 also removes limiting (this is now mentioned in the man page as
  well).  Thanks to 3APA3A for reporting this issue.
  (* Security fix *)
+--------------------------+



WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+

Updated package for Slackware 8.1: 


Updated package for Slackware 9.0: 


Updated package for Slackware -current: 
 



MD5 SIGNATURES:
+-------------+

Slackware 8.1 package:
018502403c63b7257b79deea55a51db5  inetd-1.79s-i386-2.tgz

Slackware 9.0 package:
c844eb828e87ec9b263d4a7879a895d8  inetd-1.79s-i386-2.tgz

Slackware -current package:
acf65702ffd747066c2bcd26f28f8ca4  inetd-1.79s-i486-2.tgz



INSTALLATION INSTRUCTIONS:
+------------------------+

Kill inetd:
# killall inetd

Upgrade using upgradepkg (as root):
# upgradepkg inetd-1.79s-i386-2.tgz

Restart inetd:
# inetd



+-----+

Slackware Linux Security Team 
slackware
security@slackware.com

Slackware: inetd denial of service vulnerability

September 9, 2003
These updates fix a previously hard-coded limit of 256connections-per-minute, after which the given service is disabledfor ten minutes.

Summary

Here are the details from the Slackware 9.0 ChangeLog: patches/packages/inetd-1.79s-i386-2.tgz: Disable inetd's (stupid) connection limiting code which can actually cause a DoS rather than preventing it. The default connections-per-minute is now unlimited. -R 0 also removes limiting (this is now mentioned in the man page as well). Thanks to 3APA3A for reporting this issue. (* Security fix *) WHERE TO FIND THE NEW PACKAGES: Updated package for Slackware 8.1: Updated package for Slackware 9.0: Updated package for Slackware -current: MD5 SIGNATURES: Slackware 8.1 package: 018502403c63b7257b79deea55a51db5 inetd-1.79s-i386-2.tgz Slackware 9.0 package: c844eb828e87ec9b263d4a7879a895d8 inetd-1.79s-i386-2.tgz Slackware -current package: acf65702ffd747066c2bcd26f28f8ca4 inetd-1.79s-i486-2.tgz INSTALLATION INSTRUCTIONS: Kill inetd: # killall inetd Upgrade using upgradepkg (as root): # upgradepkg inetd-1.79s-i386-2.tgz Restart inetd: # inetd Slackwa...

Where Find New Packages

MD5 Signatures

Severity
[slackware-security] inetd DoS patched (SSA:2003-251-01)
Upgraded inetd packages are available for Slackware 8.1, 9.0 and - -current. These fix a previously hard-coded limit of 256 connections-per-minute, after which the given service is disabled for ten minutes. An attacker could use a quick burst of connections every ten minutes to effectively disable a service.
Once upon a time, this was an intentional feature of inetd, but in today's world it has become a bug. Even having inetd look at the source IP and try to limit only the source of the attack would be problematic since TCP source addresses are so easily faked. So, the approach we have taken (borrowed from FreeBSD) is to disable this rate limiting "feature" by default. It can be reenabled by providing a -R option on the command-line if desired, but for obvious reasons we do not recommend this.
Any site running services through inetd that they would like protected from this simple DoS attack should upgrade to the new inetd package immediately.

Installation Instructions

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved