Lucene search

[email protected]CVE-2001-1322

HistoryJul 10, 2001 - 4:00 a.m.

CVE-2001-1322

2001-07-1004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-1322

xinetd 2.1.8

umask 0

local user access

application security

nvd

6.4 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.

CPENameOperatorVersion
xinetd:xinetdxinetdeq2.1.8.9_pre15
xinetd:xinetdxinetdeq2.1.8.9_pre10
xinetd:xinetdxinetdeq2.1.8.9_pre5
xinetd:xinetdxinetdeq2.1.8.8
xinetd:xinetdxinetdeq2.1.8.9_pre3
xinetd:xinetdxinetdeq2.1.8.9_pre9
xinetd:xinetdxinetdeq2.1.8.9_pre1
xinetd:xinetdxinetdeq2.1.8.9_pre8
xinetd:xinetdxinetdeq2.1.8.8_pre3
xinetd:xinetdxinetdeq2.1.8.9_pre14

CPE	Name	Operator	Version
xinetd:xinetd	xinetd	eq	2.1.8.9_pre15
xinetd:xinetd	xinetd	eq	2.1.8.9_pre10
xinetd:xinetd	xinetd	eq	2.1.8.9_pre5
xinetd:xinetd	xinetd	eq	2.1.8.8
xinetd:xinetd	xinetd	eq	2.1.8.9_pre3
xinetd:xinetd	xinetd	eq	2.1.8.9_pre9
xinetd:xinetd	xinetd	eq	2.1.8.9_pre1
xinetd:xinetd	xinetd	eq	2.1.8.9_pre8
xinetd:xinetd	xinetd	eq	2.1.8.8_pre3
xinetd:xinetd	xinetd	eq	2.1.8.9_pre14

Rows per page:

1-10 of 161

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000404

download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01

www.debian.org/security/2001/dsa-063

www.iss.net/security_center/static/6657.php

www.linux-mandrake.com/en/security/2001/MDKSA-2001-055.php3

www.linuxsecurity.com/advisories/other_advisory-1469.html

www.redhat.com/support/errata/RHSA-2001-075.html

www.securityfocus.com/bid/2826

6.4 Medium

AI Score

Confidence

Low

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2001-1322

nessus2 openvas1