{"vuid":"VU#880624","idnumber":"880624","name":"Compaq Tru64 Unix inetd vulnerable to DoS","keywords":["Compaq","Tru64 Unix","inetd","SSRT0708U"],"overview":"The inetd service on Compaq's Tru64 UNIX  is vulnerable to a denial-of-service.","clean_desc":"The inetd service on Compaq's Tru64 UNIX  V5.1 (all patch levels) is vulnerable to a denial-of-service attack in which inetd will stop accepting new connections. In turn, this would disrupt the normal operation of any service that is started from inetd. Quoting from Compaq's advisory: A potential security vulnerability has been discovered for Tru64 UNIX V5.1, where under certain circumstances, there is a problem with the inetd Internet services daemon that can cause it to stop accepting connections. This causes all services handled by inetd to be inaccessible including ftp, telnet, rsh, rlogin, rexec, pop3, imap,  radius, etc.. An intruder may be able to exploit this vulnerability by interrupting other services. Again quoting from Compaq: The inetd may stop responding to requests if one of its services cores as it is being started.","impact":"An intruder may be able to interrupt services started from inetd, such as ftp, telnet, rsh, etc.","resolution":"Apply the latest aggregate patch kits for Compaq Ttru64 Unix. If that is not possible, obtain a patch through your normal Compaq  Services support channel using the reference SSRT0708U.","workarounds":"","sysaffected":"","thanks":"Our thanks to Compaq Computer Corporation for the information contained in this bulletin.","author":"This document was written by Shawn V. Hernan.","public":[],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-02-26T17:48:46Z","publicdate":"2001-11-13T00:00:00Z","datefirstpublished":"2001-12-12T04:26:34Z","dateupdated":"2002-01-31T20:23:24Z","revision":9,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"10","cam_impact":"8","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"9","cam_scorecurrentwidelyknown":"11.25","cam_scorecurrentwidelyknownexploited":"20.25","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":9.0,"vulnote":null}