Vulnerability

    inetd

Affected

    True64 V5.1

Description

    Following is based on a  Compaq Advisory (Case ID: SSRT0708U).   A
    potential  security  vulnerability  has  been discovered for Tru64
    UNIX V5.1, where under  certain circumstances, there is  a problem
    with the inetd Internet services daemon that can cause it to  stop
    accepting connections.  This causes all services handled by  inetd
    to  be  inaccessible  including  ftp,  telnet, rsh, rlogin, rexec,
    pop3, imap, radius, etc..

    This  problem  exists   in  Tru64  UNIX   5.1  inetd  only.    The
    /usr/sbin/inetd is the master daemon for many services.  The inetd
    may stop responding to requests if one of its services cores as it
    is  being  started.   Inetd  continues  to  run.   The netstat -An
    command may indicate many outstanding connections to the same PCB.

Solution

    Compaq  Tru64  UNIX  engineering  has  provided  a  fix  for  this
    potential problem for Tru64 UNIX  V5.1.  They apologize that  this
    fix is not available from our  patch site.  If you determine  that
    you  need  this  fix  please  contact  your normal Compaq Services
    support channel and request a patch using the reference SSRT0708U.
    This solution will  be included in  future releases of  Tru64 UNIX
    V5.1 aggregate patch kits.

    If you are installing Open Source Internet Solutions on Tru64 UNIX
    Version 5.1, it is strongly urged that you install this patch kit.

    If you are  installing Open Source  Internet Solutions on  a Tru64
    UNIX Version 5.1  TruCluster system, you  must install this  patch
    kit prior  to installing  Open Source  Internet Solutions  because
    without  it  inetd  failure  during  this  procedure will cause an
    installation failure  since it  will interfere  with intra-cluster
    communications.