Search criteria
8 vulnerabilities by xinetd
CVE-2013-4342 (GCVE-0-2013-4342)
Vulnerability from cvelistv5 – Published: 2013-10-10 00:00 – Updated: 2024-08-06 16:38
VLAI
Summary
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://security.gentoo.org/glsa/201611-06 | vendor-advisoryx_refsource_GENTOO |
| https://bugzilla.redhat.com/show_bug.cgi?id=1006100 | x_refsource_CONFIRM |
| https://github.com/xinetd-org/xinetd/pull/10 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2013-1409.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2013-09-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.956Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201611-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201611-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006100"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/xinetd-org/xinetd/pull/10"
},
{
"name": "RHSA-2013:1409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1409.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-30T16:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "GLSA-201611-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201611-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006100"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/xinetd-org/xinetd/pull/10"
},
{
"name": "RHSA-2013:1409",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1409.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4342",
"datePublished": "2013-10-10T00:00:00.000Z",
"dateReserved": "2013-06-12T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:38:01.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0862 (GCVE-0-2012-0862)
Vulnerability from cvelistv5 – Published: 2012-06-04 20:00 – Updated: 2024-08-06 18:38
VLAI
Summary
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1027050 | vdb-entryx_refsource_SECTRACK |
| http://www.openwall.com/lists/oss-security/2012/05/09/5 | mailing-listx_refsource_MLIST |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.osvdb.org/81774 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| https://bugzilla.redhat.com/attachment.cgi?id=583311 | x_refsource_MISC |
| http://rhn.redhat.com/errata/RHSA-2013-1302.html | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=790940 | x_refsource_MISC |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.openwall.com/lists/oss-security/2012/05/10/2 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/53720 | vdb-entryx_refsource_BID |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.xinetd.org/#changes | x_refsource_CONFIRM |
Date Public
2012-05-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1027050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027050"
},
{
"name": "[oss-security] 20120509 CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/09/5"
},
{
"name": "FEDORA-2012-8041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081446.html"
},
{
"name": "81774",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/81774"
},
{
"name": "xinetd-tcpmux-weak-security(75965)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75965"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/attachment.cgi?id=583311"
},
{
"name": "RHSA-2013:1302",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1302.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790940"
},
{
"name": "FEDORA-2012-8061",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081428.html"
},
{
"name": "[oss-security] 20120510 Re: CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/10/2"
},
{
"name": "53720",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53720"
},
{
"name": "MDVSA-2012:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:155"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.xinetd.org/#changes"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1027050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027050"
},
{
"name": "[oss-security] 20120509 CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/09/5"
},
{
"name": "FEDORA-2012-8041",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081446.html"
},
{
"name": "81774",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/81774"
},
{
"name": "xinetd-tcpmux-weak-security(75965)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75965"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/attachment.cgi?id=583311"
},
{
"name": "RHSA-2013:1302",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1302.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790940"
},
{
"name": "FEDORA-2012-8061",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081428.html"
},
{
"name": "[oss-security] 20120510 Re: CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/10/2"
},
{
"name": "53720",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53720"
},
{
"name": "MDVSA-2012:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:155"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.xinetd.org/#changes"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1027050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027050"
},
{
"name": "[oss-security] 20120509 CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/09/5"
},
{
"name": "FEDORA-2012-8041",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081446.html"
},
{
"name": "81774",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/81774"
},
{
"name": "xinetd-tcpmux-weak-security(75965)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75965"
},
{
"name": "https://bugzilla.redhat.com/attachment.cgi?id=583311",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/attachment.cgi?id=583311"
},
{
"name": "RHSA-2013:1302",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1302.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=790940",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790940"
},
{
"name": "FEDORA-2012-8061",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081428.html"
},
{
"name": "[oss-security] 20120510 Re: CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/10/2"
},
{
"name": "53720",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53720"
},
{
"name": "MDVSA-2012:155",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:155"
},
{
"name": "http://www.xinetd.org/#changes",
"refsource": "CONFIRM",
"url": "http://www.xinetd.org/#changes"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0862",
"datePublished": "2012-06-04T20:00:00.000Z",
"dateReserved": "2012-01-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:38:14.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0825 (GCVE-0-2001-0825)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 04:37
VLAI
Summary
Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/2971 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://distro.conectiva.com.br/atualizacoes/?id=a… | vendor-advisoryx_refsource_CONECTIVA |
| http://www.redhat.com/support/errata/RHSA-2001-092.html | vendor-advisoryx_refsource_REDHAT |
| http://download.immunix.org/ImmunixOS/7.0/updates… | vendor-advisoryx_refsource_IMMUNIX |
Date Public
2001-07-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:06.732Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2971",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2971"
},
{
"name": "xinetd-zero-length-bo(6804)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6804"
},
{
"name": "CLA-2001:406",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000406"
},
{
"name": "RHSA-2001:092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-092.html"
},
{
"name": "IMNX-2001-70-029-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX",
"x_transferred"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-029-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-07-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-08-21T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2971",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2971"
},
{
"name": "xinetd-zero-length-bo(6804)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6804"
},
{
"name": "CLA-2001:406",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000406"
},
{
"name": "RHSA-2001:092",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-092.html"
},
{
"name": "IMNX-2001-70-029-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-029-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2971",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2971"
},
{
"name": "xinetd-zero-length-bo(6804)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6804"
},
{
"name": "CLA-2001:406",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000406"
},
{
"name": "RHSA-2001:092",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-092.html"
},
{
"name": "IMNX-2001-70-029-01",
"refsource": "IMMUNIX",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-029-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0825",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2001-11-22T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:37:06.732Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0211 (GCVE-0-2003-0211)
Vulnerability from cvelistv5 – Published: 2003-04-16 04:00 – Updated: 2024-08-08 01:43
VLAI
Summary
Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://distro.conectiva.com.br/atualizacoes/?id=a… | vendor-advisoryx_refsource_CONECTIVA |
| http://bugzilla.redhat.com/bugzilla/show_bug.cgi?… | x_refsource_CONFIRM |
| http://www.redhat.com/support/errata/RHSA-2003-160.html | vendor-advisoryx_refsource_REDHAT |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://marc.info/?l=bugtraq&m=105068673220605&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRAKE |
Date Public
2003-04-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2003:782",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000782"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=88537"
},
{
"name": "RHSA-2003:160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-160.html"
},
{
"name": "oval:org.mitre.oval:def:657",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A657"
},
{
"name": "20030418 Xinetd 2.3.10 Memory Leaks",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105068673220605\u0026w=2"
},
{
"name": "MDKSA-2003:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:056"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2003:782",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000782"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=88537"
},
{
"name": "RHSA-2003:160",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-160.html"
},
{
"name": "oval:org.mitre.oval:def:657",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A657"
},
{
"name": "20030418 Xinetd 2.3.10 Memory Leaks",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=105068673220605\u0026w=2"
},
{
"name": "MDKSA-2003:056",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:056"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2003:782",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000782"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=88537",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=88537"
},
{
"name": "RHSA-2003:160",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-160.html"
},
{
"name": "oval:org.mitre.oval:def:657",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A657"
},
{
"name": "20030418 Xinetd 2.3.10 Memory Leaks",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=105068673220605\u0026w=2"
},
{
"name": "MDKSA-2003:056",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:056"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0211",
"datePublished": "2003-04-16T04:00:00.000Z",
"dateReserved": "2003-04-15T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:43:36.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0871 (GCVE-0-2002-0871)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 03:03
VLAI
Summary
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://www.debian.org/security/2002/dsa-151 | vendor-advisoryx_refsource_DEBIAN |
| http://marc.info/?l=bugtraq&m=102935383506155&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.redhat.com/support/errata/RHSA-2002-196.html | vendor-advisoryx_refsource_REDHAT |
| http://www.redhat.com/support/errata/RHSA-2003-228.html | vendor-advisoryx_refsource_REDHAT |
| http://www.linux-mandrake.com/en/security/2002/MD… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.securityfocus.com/bid/5458 | vdb-entryx_refsource_BID |
| http://www.iss.net/security_center/static/9844.php | vdb-entryx_refsource_XF |
Date Public
2002-08-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:03:49.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-151",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2002/dsa-151"
},
{
"name": "20020814 GLSA: xinetd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102935383506155\u0026w=2"
},
{
"name": "RHSA-2002:196",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-196.html"
},
{
"name": "RHSA-2003:228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-228.html"
},
{
"name": "MDKSA-2002:053",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-053.php"
},
{
"name": "5458",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5458"
},
{
"name": "xinetd-signal-leak-dos(9844)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9844.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-151",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2002/dsa-151"
},
{
"name": "20020814 GLSA: xinetd",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=102935383506155\u0026w=2"
},
{
"name": "RHSA-2002:196",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-196.html"
},
{
"name": "RHSA-2003:228",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-228.html"
},
{
"name": "MDKSA-2002:053",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-053.php"
},
{
"name": "5458",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5458"
},
{
"name": "xinetd-signal-leak-dos(9844)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9844.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0871",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-151",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2002/dsa-151"
},
{
"name": "20020814 GLSA: xinetd",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=102935383506155\u0026w=2"
},
{
"name": "RHSA-2002:196",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-196.html"
},
{
"name": "RHSA-2003:228",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-228.html"
},
{
"name": "MDKSA-2002:053",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-053.php"
},
{
"name": "5458",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5458"
},
{
"name": "xinetd-signal-leak-dos(9844)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9844.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0871",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-08-16T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:03:49.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1389 (GCVE-0-2001-1389)
Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-08 04:51
VLAI
Summary
Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.linux-mandrake.com/en/security/2001/MD… | vendor-advisoryx_refsource_MANDRAKE |
| http://download.immunix.org/ImmunixOS/7.0/updates… | vendor-advisoryx_refsource_IMMUNIX |
| http://marc.info/?l=bugtraq&m=99913751525583&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://rhn.redhat.com/errata/RHSA-2001-109.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/3257 | vdb-entryx_refsource_BID |
Date Public
2001-08-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2001:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-076.php3"
},
{
"name": "IMNX-2001-70-033-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX",
"x_transferred"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-033-01"
},
{
"name": "20010830 xinetd 2.3.0 audit status",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=99913751525583\u0026w=2"
},
{
"name": "RHSA-2001:109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2001-109.html"
},
{
"name": "3257",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3257"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2001:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-076.php3"
},
{
"name": "IMNX-2001-70-033-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-033-01"
},
{
"name": "20010830 xinetd 2.3.0 audit status",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=99913751525583\u0026w=2"
},
{
"name": "RHSA-2001:109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2001-109.html"
},
{
"name": "3257",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3257"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2001:076",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-076.php3"
},
{
"name": "IMNX-2001-70-033-01",
"refsource": "IMMUNIX",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-033-01"
},
{
"name": "20010830 xinetd 2.3.0 audit status",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=99913751525583\u0026w=2"
},
{
"name": "RHSA-2001:109",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2001-109.html"
},
{
"name": "3257",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3257"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1389",
"datePublished": "2002-08-31T04:00:00.000Z",
"dateReserved": "2002-08-27T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:51:08.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1322 (GCVE-0-2001-1322)
Vulnerability from cvelistv5 – Published: 2002-06-25 04:00 – Updated: 2024-08-08 04:51
VLAI
Summary
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://distro.conectiva.com.br/atualizacoes/?id=a… | vendor-advisoryx_refsource_CONECTIVA |
| http://www.linuxsecurity.com/advisories/other_adv… | vendor-advisoryx_refsource_ENGARDE |
| http://www.debian.org/security/2001/dsa-063 | vendor-advisoryx_refsource_DEBIAN |
| http://www.linux-mandrake.com/en/security/2001/MD… | vendor-advisoryx_refsource_MANDRAKE |
| http://www.iss.net/security_center/static/6657.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/2826 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2001-075.html | vendor-advisoryx_refsource_REDHAT |
| http://download.immunix.org/ImmunixOS/7.0/updates… | vendor-advisoryx_refsource_IMMUNIX |
Date Public
2001-06-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:07.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2001:404",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000404"
},
{
"name": "ESA-20010621-01",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1469.html"
},
{
"name": "DSA-063",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2001/dsa-063"
},
{
"name": "MDKSA-2001:055",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-055.php3"
},
{
"name": "xinetd-insecure-permissions(6657)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/6657.php"
},
{
"name": "2826",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2826"
},
{
"name": "RHSA-2001:075",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-075.html"
},
{
"name": "IMNX-2001-70-024-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX",
"x_transferred"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-06-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-05-09T09:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2001:404",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000404"
},
{
"name": "ESA-20010621-01",
"tags": [
"vendor-advisory",
"x_refsource_ENGARDE"
],
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1469.html"
},
{
"name": "DSA-063",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2001/dsa-063"
},
{
"name": "MDKSA-2001:055",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-055.php3"
},
{
"name": "xinetd-insecure-permissions(6657)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/6657.php"
},
{
"name": "2826",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2826"
},
{
"name": "RHSA-2001:075",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-075.html"
},
{
"name": "IMNX-2001-70-024-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2001:404",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000404"
},
{
"name": "ESA-20010621-01",
"refsource": "ENGARDE",
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1469.html"
},
{
"name": "DSA-063",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2001/dsa-063"
},
{
"name": "MDKSA-2001:055",
"refsource": "MANDRAKE",
"url": "http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-055.php3"
},
{
"name": "xinetd-insecure-permissions(6657)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/6657.php"
},
{
"name": "2826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2826"
},
{
"name": "RHSA-2001:075",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-075.html"
},
{
"name": "IMNX-2001-70-024-01",
"refsource": "IMMUNIX",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1322",
"datePublished": "2002-06-25T04:00:00.000Z",
"dateReserved": "2002-05-01T00:00:00.000Z",
"dateUpdated": "2024-08-08T04:51:07.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0536 (GCVE-0-2000-0536)
Vulnerability from cvelistv5 – Published: 2000-10-13 04:00 – Updated: 2024-08-08 05:21
VLAI
Summary
xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.synack.net/xinetd/ | x_refsource_CONFIRM |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/1381 | vdb-entryx_refsource_BID |
| http://www.debian.org/security/2000/20000619 | vendor-advisoryx_refsource_DEBIAN |
Date Public
2000-06-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:31.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.synack.net/xinetd/"
},
{
"name": "xinetd-improper-restrictions(4986)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4986"
},
{
"name": "1381",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1381"
},
{
"name": "20000619 xinetd: bug in access control mechanism",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2000/20000619"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-06-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.synack.net/xinetd/"
},
{
"name": "xinetd-improper-restrictions(4986)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4986"
},
{
"name": "1381",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1381"
},
{
"name": "20000619 xinetd: bug in access control mechanism",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2000/20000619"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0536",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.synack.net/xinetd/",
"refsource": "CONFIRM",
"url": "http://www.synack.net/xinetd/"
},
{
"name": "xinetd-improper-restrictions(4986)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4986"
},
{
"name": "1381",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1381"
},
{
"name": "20000619 xinetd: bug in access control mechanism",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2000/20000619"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0536",
"datePublished": "2000-10-13T04:00:00.000Z",
"dateReserved": "2000-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-08T05:21:31.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}