Mandriva Linux Security Advisory 2013-057 - builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1. The updated packages have been upgraded to the 2.3.15 version which is not vulnerable to this issue.
ab5c7cf9c0b995dcd94e53914502ae766fd71e8fc369da0358613eb4901045c7