Certain versions of xinetd have a bug in the access
control mechanism. If you use a hostname to control access to a service (
localhost instead of 127.0.0.1 ), xinetd will allow any connection from hosts
that fail a reverse look-up.
The version of xinetd in Debian 2.1 (slink) does not support the access
control mechanism and is not vulnerable to this problem. (Those
testing Debian 2.2--potato--should upgrade to at least version
2.1.8.8.p3-1.)
