Mandriva Linux Security Advisory 2012-155 - builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1. The updated packages have been patched to correct this issue.
863af03c72dbb69168b28f12a6929adb4f37f3a4d72987ae371a07dc35323ba5