rpm package
opensuse/xinetd&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/xinetd&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2013-4342 | — | < 2.3.15-11.3 | 2.3.15-11.3 | Oct 10, 2013 | xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service. | ||
| CVE-2012-0862 | — | < 2.3.15-11.3 | 2.3.15-11.3 | Jun 4, 2012 | builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1. |
- CVE-2013-4342Oct 10, 2013affected < 2.3.15-11.3fixed 2.3.15-11.3
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
- CVE-2012-0862Jun 4, 2012affected < 2.3.15-11.3fixed 2.3.15-11.3
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.