Debian Security Advisory DSA 151-1 (xinetd)

Summary
The remote host is missing an update to xinetd announced via advisory DSA 151-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20151-1
Insight
Solar Designer found a vulnerability in xinetd, a replacement for the BSD derived inetd. File descriptors for the signal pipe introduced in version 2.3.4 are leaked into services started from xinetd. The descriptors could be used to talk to xinetd resulting in crashing it entirely. This is usually called a denial of service. This problem has been fixed by the package maintainer in version 2.3.4-1.2 for the current stable distribution (woody) and in version 2.3.7-1 for the unstable distribution (sid). The old stable distribution (potato) is not affected, since it doesn't contain the signal pipe. We recommend that you upgrade your xinetd packages.