xinetd -- attackers can bypass access restrictions if tcpmux-servers service enabled

ID E11955CA-187C-11E2-BE36-00215AF774F0
Type freebsd
Reporter FreeBSD
Modified 2012-02-15T00:00:00


Thomas Swan reports:

xinetd allows for services to be configured with the TCPMUX or TCPMUXPLUS service types, which makes those services available on port 1, as per RFC 1078 [1], if the tcpmux-server service is enabled. When the tcpmux-server service is enabled, xinetd would expose all enabled services via the tcpmux port, instead of just the configured service(s). This could allow a remote attacker to bypass firewall restrictions and access services via the tcpmux port.
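A configuration check for the condition described above, as an added example that is not part of the advisory or of xinetd itself. It assumes the multiplexer is declared with `id = tcpmux-server`, reads only `service` blocks (the `defaults` section and `includedir` are not processed), and runs on a constructed sample configuration.

```python
import re

# Constructed sample xinetd configuration (not taken from the advisory).
SAMPLE_CONF = """
service tcpmux
{
    type = INTERNAL
    id = tcpmux-server
    disable = no
}
service printer-mux
{
    type = TCPMUX UNLISTED
    disable = no
}
service ftp
{
    server = /usr/libexec/ftpd
    disable = no
}
service telnet
{
    disable = yes
}
"""

BLOCK = re.compile(r"^\s*service\s+(\S+)\s*\{(.*?)\}", re.S | re.M)
ATTR = re.compile(r"^[ \t]*(\w+)[ \t]*[+-]?=[ \t]*(.*?)[ \t]*$", re.M)
MUX_TYPES = {"TCPMUX", "TCPMUXPLUS"}

def parse_services(text):
    """Return one dict per service block; comment lines are ignored."""
    text = re.sub(r"(?m)^[ \t]*#.*$", "", text)
    out = []
    for name, body in BLOCK.findall(text):
        a = {k.lower(): v for k, v in ATTR.findall(body)}
        out.append({"name": name, "id": a.get("id", name),
                    "types": set(a.get("type", "").upper().split()),
                    "enabled": a.get("disable", "no").lower() != "yes"})
    return out

def audit(text):
    """Split enabled services into TCPMUX-typed ones and all others."""
    enabled = [s for s in parse_services(text) if s["enabled"]]
    mux_on = any(s["id"] == "tcpmux-server" for s in enabled)
    rest = [s for s in enabled if s["id"] != "tcpmux-server"]
    intended = [s["name"] for s in rest if s["types"] & MUX_TYPES]
    others = [s["name"] for s in rest if not s["types"] & MUX_TYPES]
    # Non-TCPMUX services only matter here when the multiplexer is enabled.
    return {"tcpmux_server_enabled": mux_on, "intended": intended,
            "unintended": others if mux_on else []}

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
```

Services listed under `unintended` are enabled without a TCPMUX type while tcpmux-server is on, so on an affected xinetd they are the ones to review against firewall rules for port 1.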