Slackware: 2003-252-02 Security: Pop3d Denial of Service Fix
slackware
September 9, 2003
These updates fix a previously hard-coded limit of 256connections-per-minute, after which the given service is disabledfor ten minutes.
Summary
Here are the details from the Slackware 9.0 ChangeLog: patches/packages/inetd-1.79s-i386-2.tgz: Disable inetd's (stupid) connection limiting code which can actually cause a DoS rather than preventing it. The default connections-per-minute is now unlimited. -R 0 also removes limiting (this is now mentioned in the man page as well). Thanks to 3APA3A for reporting this issue. (* Security fix *) WHERE TO FIND THE NEW PACKAGES: Updated package for Slackware 8.1: Updated package for Slackware 9.0: Updated package for Slackware -current: MD5 SIGNATURES: Slackware 8.1 package: 018502403c63b7257b79deea55a51db5 inetd-1.79s-i386-2.tgz Slackware 9.0 package: c844eb828e87ec9b263d4a7879a895d8 inetd-1.79s-i386-2.tgz Slackware -current package: acf65702ffd747066c2bcd26f28f8ca4 inetd-1.79s-i486-2.tgz INSTALLATION INSTRUCTIONS: Kill inetd: # killall inetd Upgrade using upgradepkg (as root): # upgradepkg inetd-1.79s-i386-2.tgz Restart inetd: #
Read the Full Advisory
Topics Covered
Where Find New Packages
MD5 Signatures
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!