Search...

SUSE SLES10 / SLES11 Security Update : xinetd (SUSE-SU-2014:0871-1)

2015-05-20T00:00:00

ID SUSE_SU-2014-0871-1.NASL
Type nessus
Reporter This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2015-05-20T00:00:00

Description

Xinetd receives a LTSS roll-up update to fix two security issues.

CVE-2012-0862: xinetd enabled all services when tcp multiplexing is used.

CVE-2013-4342: xinetd ignored user and group directives for tcpmux services, running services as root.

While both issues are not so problematic on their own, in combination the impact is greater and enabling tcpmux would be risky.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2014:0871-1.
# The text itself is copyright (C) SUSE.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(83631);
  script_version("2.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2012-0862", "CVE-2013-4342");
  script_bugtraq_id(53720, 62871);

  script_name(english:"SUSE SLES10 / SLES11 Security Update : xinetd (SUSE-SU-2014:0871-1)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SUSE host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Xinetd receives a LTSS roll-up update to fix two security issues.

  - CVE-2012-0862: xinetd enabled all services when tcp
    multiplexing is used.

  - CVE-2013-4342: xinetd ignored user and group directives
    for tcpmux services, running services as root.

While both issues are not so problematic on their own, in combination
the impact is greater and enabling tcpmux would be risky.

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  # http://download.suse.com/patch/finder/?keywords=02d02e7774b10b86c728bb88af735b33
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?abbe8ebf"
  );
  # http://download.suse.com/patch/finder/?keywords=5d400fd9a30cb44112b8a54c0743cc7b
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?0560dd2a"
  );
  # http://download.suse.com/patch/finder/?keywords=697d9a5cda282587ef2ff61975bbcad4
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?bcdd017c"
  );
  # http://download.suse.com/patch/finder/?keywords=c6f4a3dc598f45466f0a0699473c1f57
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?77c63c4b"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-0862.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2013-4342.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/762294"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/844230"
  );
  # https://www.suse.com/support/update/announcement/2014/suse-su-20140871-1.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?3a24c40a"
  );
  script_set_attribute(
    attribute:"solution", 
    value:
"To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 11 SP2 LTSS :

zypper in -t patch slessp2-xinetd-9417

SUSE Linux Enterprise Server 11 SP1 LTSS :

zypper in -t patch slessp1-xinetd-9418

To bring your system up-to-date, use 'zypper patch'."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:xinetd");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2014/07/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = eregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! ereg(pattern:"^(SLES10|SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES10 / SLES11", "SUSE " + os_ver);

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" &gt;!&lt; cpu && "s390x" &gt;!&lt; cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);

sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES11" && (! ereg(pattern:"^1|2$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP1/2", os_ver + " SP" + sp);
if (os_ver == "SLES10" && (! ereg(pattern:"^4|3$", string:sp))) audit(AUDIT_OS_NOT, "SLES10 SP4/3", os_ver + " SP" + sp);


flag = 0;
if (rpm_check(release:"SLES11", sp:"1", reference:"xinetd-2.3.14-130.133.1")) flag++;
if (rpm_check(release:"SLES11", sp:"2", reference:"xinetd-2.3.14-130.133.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", reference:"xinetd-2.3.14-14.12.1")) flag++;
if (rpm_check(release:"SLES10", sp:"3", reference:"xinetd-2.3.14-14.12.1")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xinetd");
}

JSON Vulners Source

Initial Source

{"id": "SUSE_SU-2014-0871-1.NASL", "bulletinFamily": "scanner", "title": "SUSE SLES10 / SLES11 Security Update : xinetd (SUSE-SU-2014:0871-1)", "description": "Xinetd receives a LTSS roll-up update to fix two security issues.\n\n - CVE-2012-0862: xinetd enabled all services when tcp\n multiplexing is used.\n\n - CVE-2013-4342: xinetd ignored user and group directives\n for tcpmux services, running services as root.\n\nWhile both issues are not so problematic on their own, in combination\nthe impact is greater and enabling tcpmux would be risky.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2015-05-20T00:00:00", "modified": "2015-05-20T00:00:00", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/83631", "reporter": "This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?0560dd2a", "http://www.nessus.org/u?3a24c40a", "http://www.nessus.org/u?abbe8ebf", "http://support.novell.com/security/cve/CVE-2013-4342.html", "https://bugzilla.novell.com/844230", "http://www.nessus.org/u?bcdd017c", "http://support.novell.com/security/cve/CVE-2012-0862.html", "http://www.nessus.org/u?77c63c4b", "https://bugzilla.novell.com/762294"], "cvelist": ["CVE-2012-0862", "CVE-2013-4342"], "type": "nessus", "lastseen": "2021-01-20T14:43:40", "edition": 18, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-4342", "CVE-2012-0862"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12600", "SECURITYVULNS:VULN:13361", "SECURITYVULNS:DOC:28589", "SECURITYVULNS:DOC:29931"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2013-1302.NASL", "SUSE_11_XINETD-140313.NASL", "ORACLELINUX_ELSA-2013-0499.NASL", "SL_20130930_XINETD_ON_SL5_X.NASL", "CENTOS_RHSA-2013-1302.NASL", "REDHAT-RHSA-2013-0499.NASL", "FEDORA_2012-8061.NASL", "OPENSUSE-2014-292.NASL", "ORACLELINUX_ELSA-2013-1302.NASL", "FREEBSD_PKG_E11955CA187C11E2BE3600215AF774F0.NASL"]}, {"type": "centos", "idList": ["CESA-2013:1409", "CESA-2013:0499", "CESA-2013:1302"]}, {"type": "redhat", "idList": ["RHSA-2013:1302", "RHSA-2013:0499", "RHSA-2013:1409"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-1302", "ELSA-2013-0499", "ELSA-2013-1409"]}, {"type": "seebug", "idList": ["SSV:60170"]}, {"type": "freebsd", "idList": ["5C34664F-2C2B-11E3-87C2-00215AF774F0", "E11955CA-187C-11E2-BE36-00215AF774F0"]}, {"type": "fedora", "idList": ["FEDORA:278D3208C3", "FEDORA:667F320DED", "FEDORA:E76F022666", "FEDORA:186FD23057"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123563", "OPENVAS:136141256231072502", "OPENVAS:1361412562310870939", "OPENVAS:881672", "OPENVAS:831736", "OPENVAS:864264", "OPENVAS:870939", "OPENVAS:1361412562310864264", "OPENVAS:1361412562310881672", "OPENVAS:72502"]}, {"type": "gentoo", "idList": ["GLSA-201611-06"]}, {"type": "amazon", "idList": ["ALAS-2013-232"]}], "modified": "2021-01-20T14:43:40", "rev": 2}, "score": {"value": 5.7, "vector": "NONE", "modified": "2021-01-20T14:43:40", "rev": 2}, "vulnersScore": 5.7}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:0871-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83631);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0862\", \"CVE-2013-4342\");\n script_bugtraq_id(53720, 62871);\n\n script_name(english:\"SUSE SLES10 / SLES11 Security Update : xinetd (SUSE-SU-2014:0871-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Xinetd receives a LTSS roll-up update to fix two security issues.\n\n - CVE-2012-0862: xinetd enabled all services when tcp\n multiplexing is used.\n\n - CVE-2013-4342: xinetd ignored user and group directives\n for tcpmux services, running services as root.\n\nWhile both issues are not so problematic on their own, in combination\nthe impact is greater and enabling tcpmux would be risky.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://download.suse.com/patch/finder/?keywords=02d02e7774b10b86c728bb88af735b33\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?abbe8ebf\"\n );\n # http://download.suse.com/patch/finder/?keywords=5d400fd9a30cb44112b8a54c0743cc7b\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0560dd2a\"\n );\n # http://download.suse.com/patch/finder/?keywords=697d9a5cda282587ef2ff61975bbcad4\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bcdd017c\"\n );\n # http://download.suse.com/patch/finder/?keywords=c6f4a3dc598f45466f0a0699473c1f57\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?77c63c4b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0862.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4342.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/762294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/844230\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20140871-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a24c40a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP2 LTSS :\n\nzypper in -t patch slessp2-xinetd-9417\n\nSUSE Linux Enterprise Server 11 SP1 LTSS :\n\nzypper in -t patch slessp1-xinetd-9418\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLES10|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! ereg(pattern:\"^1|2$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES10\" && (! ereg(pattern:\"^4|3$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4/3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"1\", reference:\"xinetd-2.3.14-130.133.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"xinetd-2.3.14-130.133.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"xinetd-2.3.14-14.12.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"3\", reference:\"xinetd-2.3.14-14.12.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xinetd\");\n}\n", "naslFamily": "SuSE Local Security Checks", "pluginID": "83631", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:xinetd", "cpe:/o:novell:suse_linux:10"], "scheme": null}

{"cve": [{"lastseen": "2020-10-03T12:46:04", "description": "xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.", "edition": 3, "cvss3": {}, "published": "2013-10-10T00:55:00", "title": "CVE-2013-4342", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4342"], "modified": "2019-04-22T17:48:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "cpe:/a:xinetd:xinetd:-", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "CVE-2013-4342", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:xinetd:xinetd:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:17", "description": "builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.", "edition": 5, "cvss3": {}, "published": "2012-06-04T20:55:00", "title": "CVE-2012-0862", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0862"], "modified": "2017-08-29T01:31:00", "cpe": ["cpe:/a:xinetd:xinetd:2.3.8", "cpe:/a:xinetd:xinetd:2.3.5", "cpe:/a:xinetd:xinetd:2.3.13", "cpe:/a:xinetd:xinetd:2.3.7", "cpe:/a:xinetd:xinetd:2.3.12", "cpe:/a:xinetd:xinetd:2.3.9", "cpe:/a:xinetd:xinetd:2.3.10", "cpe:/a:xinetd:xinetd:2.3.14", "cpe:/a:xinetd:xinetd:2.3.6", "cpe:/a:xinetd:xinetd:2.3.11"], "id": "CVE-2012-0862", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0862", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:xinetd:xinetd:2.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:xinetd:xinetd:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:xinetd:xinetd:2.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:xinetd:xinetd:2.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:xinetd:xinetd:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:xinetd:xinetd:2.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:xinetd:xinetd:2.3.14:*:*:*:*:*:*:*", "cpe:2.3:a:xinetd:xinetd:2.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:xinetd:xinetd:2.3.13:*:*:*:*:*:*:*", "cpe:2.3:a:xinetd:xinetd:2.3.10:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:10:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-0862"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2012:155\r\n http://www.mandriva.com/security/\r\n _______________________________________________________________________\r\n\r\n Package : xinetd\r\n Date : September 28, 2012\r\n Affected: Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A security issue was identified and fixed in xinetd:\r\n \r\n builtins.c in Xinetd before 2.3.15 does not check the service type\r\n when the tcpmux-server service is enabled, which exposes all enabled\r\n services and allows remote attackers to bypass intended access\r\n restrictions via a request to tcpmux port 1 (CVE-2012-0862).\r\n \r\n The updated packages have been patched to correct this issue.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0862\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n ee80cce6de9576a6203e885417b23f8e mes5/i586/xinetd-2.3.14-9.1mdvmes5.2.i586.rpm\r\n a36ab79e05ba302d2f3161c282d78176 mes5/i586/xinetd-simple-services-2.3.14-9.1mdvmes5.2.i586.rpm \r\n 58a1b7981a34d90cfe189073101f693e mes5/SRPMS/xinetd-2.3.14-9.1mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 6f1de1f720a323d3140064ff926afd9e mes5/x86_64/xinetd-2.3.14-9.1mdvmes5.2.x86_64.rpm\r\n 54a66d86468ec9ffe6db272fa5684f01 mes5/x86_64/xinetd-simple-services-2.3.14-9.1mdvmes5.2.x86_64.rpm \r\n 58a1b7981a34d90cfe189073101f693e mes5/SRPMS/xinetd-2.3.14-9.1mdvmes5.2.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niD8DBQFQZYRJmqjQ0CJFipgRAq50AKDqxyDefIb3S4vLFbBD1sLI92fL6ACg4bJs\r\n3BpHMREDN4brblls5KUW9GA=\r\n=9rHS\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-10-01T00:00:00", "published": "2012-10-01T00:00:00", "id": "SECURITYVULNS:DOC:28589", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28589", "title": "CVE-2012-0862", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:48", "bulletinFamily": "software", "cvelist": ["CVE-2012-0862"], "description": "tcpmux invalid service type check", "edition": 1, "modified": "2012-10-01T00:00:00", "published": "2012-10-01T00:00:00", "id": "SECURITYVULNS:VULN:12600", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12600", "title": "xinitd restrictions bypass", "type": "securityvulns", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:53", "bulletinFamily": "software", "cvelist": ["CVE-2013-4342"], "description": "tcpmux-server service is executed with root privileges.", "edition": 1, "modified": "2013-10-12T00:00:00", "published": "2013-10-12T00:00:00", "id": "SECURITYVULNS:VULN:13361", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13361", "title": "xinetd privilege escalation", "type": "securityvulns", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:49", "bulletinFamily": "software", "cvelist": ["CVE-2013-4342"], "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2013:248\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : xinetd\r\n Date : October 10, 2013\r\n Affected: Business Server 1.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated xinetd package fixes security vulnerability:\r\n \r\n It was found that xinetd ignored the user and group configuration\r\n directives for services running under the tcpmux-server service. This\r\n flaw could cause the associated services to run as root. If there was\r\n a flaw in such a service, a remote attacker could use it to execute\r\n arbitrary code with the privileges of the root user (CVE-2013-4342).\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342\r\n http://advisories.mageia.org/MGASA-2013-0302.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Enterprise Server 5:\r\n 7976fe68c2fbf71a2df62a39f2128fe2 mes5/i586/xinetd-2.3.14-9.2mdvmes5.2.i586.rpm\r\n 5cf2234e84b17e0a281523cab4a5c7d5 mes5/i586/xinetd-simple-services-2.3.14-9.2mdvmes5.2.i586.rpm \r\n b6b4f88ddde0c620305f561e0763e062 mes5/SRPMS/xinetd-2.3.14-9.2mdvmes5.2.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n 56b91a23fb44b3464e1d7efa852211a1 mes5/x86_64/xinetd-2.3.14-9.2mdvmes5.2.x86_64.rpm\r\n 81cfdaeae19dc5c65572147fc054c092 mes5/x86_64/xinetd-simple-services-2.3.14-9.2mdvmes5.2.x86_64.rpm \r\n b6b4f88ddde0c620305f561e0763e062 mes5/SRPMS/xinetd-2.3.14-9.2mdvmes5.2.src.rpm\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 71c6525d8fd04f94fcf6bfc9fefd5ead mbs1/x86_64/xinetd-2.3.15-1.1.mbs1.x86_64.rpm\r\n 386144202dbe1cd6f4a3cab2cbce77c1 mbs1/x86_64/xinetd-simple-services-2.3.15-1.1.mbs1.x86_64.rpm \r\n d36307cca323809a2af5903761acccd2 mbs1/SRPMS/xinetd-2.3.15-1.1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 (GNU/Linux)\r\n\r\niD8DBQFSVom8mqjQ0CJFipgRAuiwAKC+inrDgN2oEvpG4qZQjL0W8g48gQCdGSjd\r\nFcITRUBzVmGhwlzn3W1T9XQ=\r\n=VyVe\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "modified": "2013-10-12T00:00:00", "published": "2013-10-12T00:00:00", "id": "SECURITYVULNS:DOC:29931", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29931", "title": "[ MDVSA-2013:248 ] xinetd", "type": "securityvulns", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-20T14:42:02", "description": "The multiplexing system xinetd was updated to fix security issues and\na bug.\n\nSecurity issues fixed :\n\n - xinetd ignores user and group directives for tcpmux\n services. (CVE-2013-4342)\n\n - xinetd enables all services when tcp multiplexing is\n used. Bug fixed:. (CVE-2012-0862)\n\n - Services started by xinetd were limited to 1024 open\n file descriptors. (bnc#855685)", "edition": 17, "published": "2014-04-01T00:00:00", "title": "SuSE 11.3 Security Update : xinetd (SAT Patch Number 9021)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862", "CVE-2013-4342"], "modified": "2014-04-01T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:xinetd"], "id": "SUSE_11_XINETD-140313.NASL", "href": "https://www.tenable.com/plugins/nessus/73287", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73287);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0862\", \"CVE-2013-4342\");\n\n script_name(english:\"SuSE 11.3 Security Update : xinetd (SAT Patch Number 9021)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The multiplexing system xinetd was updated to fix security issues and\na bug.\n\nSecurity issues fixed :\n\n - xinetd ignores user and group directives for tcpmux\n services. (CVE-2013-4342)\n\n - xinetd enables all services when tcp multiplexing is\n used. Bug fixed:. (CVE-2012-0862)\n\n - Services started by xinetd were limited to 1024 open\n file descriptors. (bnc#855685)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=762294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=844230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=855685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0862.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4342.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9021.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xinetd-2.3.14-130.133.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xinetd-2.3.14-130.133.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"xinetd-2.3.14-130.133.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T12:27:30", "description": "xinetd was updated to receive security fixes and a bug fix.\n\nSecurity issues fixed :\n\n - CVE-2013-4342 (bnc#844230)\n\n - xinetd ignored user and group directives for tcpmux\n services\n\n - CVE-2012-0862 (bnc#762294)\n\n - xinetd enabled all services when tcp multiplexing is\n used\n\nAlso added support for setting maximum number of open files\n(bnc#855685).", "edition": 18, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : xinetd (openSUSE-SU-2014:0517-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862", "CVE-2013-4342"], "modified": "2014-06-13T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.3", "p-cpe:/a:novell:opensuse:xinetd", "p-cpe:/a:novell:opensuse:xinetd-debugsource", "cpe:/o:novell:opensuse:13.1", "p-cpe:/a:novell:opensuse:xinetd-debuginfo"], "id": "OPENSUSE-2014-292.NASL", "href": "https://www.tenable.com/plugins/nessus/75322", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-292.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75322);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0862\", \"CVE-2013-4342\");\n\n script_name(english:\"openSUSE Security Update : xinetd (openSUSE-SU-2014:0517-1)\");\n script_summary(english:\"Check for the openSUSE-2014-292 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"xinetd was updated to receive security fixes and a bug fix.\n\nSecurity issues fixed :\n\n - CVE-2013-4342 (bnc#844230)\n\n - xinetd ignored user and group directives for tcpmux\n services\n\n - CVE-2012-0862 (bnc#762294)\n\n - xinetd enabled all services when tcp multiplexing is\n used\n\nAlso added support for setting maximum number of open files\n(bnc#855685).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=762294\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=844230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=855685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-04/msg00034.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xinetd packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xinetd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xinetd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3|SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3 / 13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xinetd-2.3.14-163.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xinetd-debuginfo-2.3.14-163.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xinetd-debugsource-2.3.14-163.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xinetd-2.3.15-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xinetd-debuginfo-2.3.15-2.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xinetd-debugsource-2.3.15-2.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xinetd\");\n}\n", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:10:38", "description": "Fix tcpmux security\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-05-30T00:00:00", "title": "Fedora 16 : xinetd-2.3.14-47.fc16 (2012-8061)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "modified": "2012-05-30T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xinetd", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-8061.NASL", "href": "https://www.tenable.com/plugins/nessus/59298", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8061.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59298);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0862\");\n script_xref(name:\"FEDORA\", value:\"2012-8061\");\n\n script_name(english:\"Fedora 16 : xinetd-2.3.14-47.fc16 (2012-8061)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix tcpmux security\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=790940\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081428.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e8ff2223\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xinetd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"xinetd-2.3.14-47.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xinetd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T12:47:46", "description": "From Red Hat Security Advisory 2013:0499 :\n\nAn updated xinetd package that fixes one security issue and two bugs\nis now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe xinetd package provides a secure replacement for inetd, the\nInternet services daemon. xinetd provides access control for all\nservices based on the address of the remote host and/or on time of\naccess, and can prevent denial-of-access attacks.\n\nWhen xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Prior to this update, a file descriptor array in the service.c\nsource file was not handled as expected. As a consequence, some of the\ndescriptors remained open when xinetd was under heavy load.\nAdditionally, the system log was filled with a large number of\nmessages that took up a lot of disk space over time. This update\nmodifies the xinetd code to handle the file descriptors correctly and\nmessages no longer fill the system log. (BZ#790036)\n\n* Prior to this update, services were disabled permanently when their\nCPS limit was reached. As a consequence, a failed bind operation could\noccur when xinetd attempted to restart the service. This update adds\nadditional logic that attempts to restart the service. Now, the\nservice is only disabled if xinetd cannot restart the service after 30\nattempts. (BZ#809271)\n\nAll users of xinetd are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.", "edition": 22, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : xinetd (ELSA-2013-0499)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:xinetd"], "id": "ORACLELINUX_ELSA-2013-0499.NASL", "href": "https://www.tenable.com/plugins/nessus/68740", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0499 and \n# Oracle Linux Security Advisory ELSA-2013-0499 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68740);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0862\");\n script_bugtraq_id(53720);\n script_xref(name:\"RHSA\", value:\"2013:0499\");\n\n script_name(english:\"Oracle Linux 6 : xinetd (ELSA-2013-0499)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0499 :\n\nAn updated xinetd package that fixes one security issue and two bugs\nis now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe xinetd package provides a secure replacement for inetd, the\nInternet services daemon. xinetd provides access control for all\nservices based on the address of the remote host and/or on time of\naccess, and can prevent denial-of-access attacks.\n\nWhen xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Prior to this update, a file descriptor array in the service.c\nsource file was not handled as expected. As a consequence, some of the\ndescriptors remained open when xinetd was under heavy load.\nAdditionally, the system log was filled with a large number of\nmessages that took up a lot of disk space over time. This update\nmodifies the xinetd code to handle the file descriptors correctly and\nmessages no longer fill the system log. (BZ#790036)\n\n* Prior to this update, services were disabled permanently when their\nCPS limit was reached. As a consequence, a failed bind operation could\noccur when xinetd attempted to restart the service. This update adds\nadditional logic that attempts to restart the service. Now, the\nservice is only disabled if xinetd cannot restart the service after 30\nattempts. (BZ#809271)\n\nAll users of xinetd are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-February/003281.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xinetd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"xinetd-2.3.14-38.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xinetd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-12T10:10:38", "description": "Fix tcpmux security\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-05-30T00:00:00", "title": "Fedora 15 : xinetd-2.3.14-37.fc15 (2012-8041)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "modified": "2012-05-30T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xinetd", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-8041.NASL", "href": "https://www.tenable.com/plugins/nessus/59297", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-8041.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59297);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0862\");\n script_xref(name:\"FEDORA\", value:\"2012-8041\");\n\n script_name(english:\"Fedora 15 : xinetd-2.3.14-37.fc15 (2012-8041)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix tcpmux security\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=790940\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-May/081446.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4e4d6e96\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xinetd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"xinetd-2.3.14-37.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xinetd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T13:12:02", "description": "An updated xinetd package that fixes one security issue and two bugs\nis now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe xinetd package provides a secure replacement for inetd, the\nInternet services daemon. xinetd provides access control for all\nservices based on the address of the remote host and/or on time of\naccess, and can prevent denial-of-access attacks.\n\nWhen xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Prior to this update, a file descriptor array in the service.c\nsource file was not handled as expected. As a consequence, some of the\ndescriptors remained open when xinetd was under heavy load.\nAdditionally, the system log was filled with a large number of\nmessages that took up a lot of disk space over time. This update\nmodifies the xinetd code to handle the file descriptors correctly and\nmessages no longer fill the system log. (BZ#790036)\n\n* Prior to this update, services were disabled permanently when their\nCPS limit was reached. As a consequence, a failed bind operation could\noccur when xinetd attempted to restart the service. This update adds\nadditional logic that attempts to restart the service. Now, the\nservice is only disabled if xinetd cannot restart the service after 30\nattempts. (BZ#809271)\n\nAll users of xinetd are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.", "edition": 25, "published": "2013-02-21T00:00:00", "title": "RHEL 6 : xinetd (RHSA-2013:0499)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "modified": "2013-02-21T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:xinetd-debuginfo", "p-cpe:/a:redhat:enterprise_linux:xinetd", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0499.NASL", "href": "https://www.tenable.com/plugins/nessus/64751", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0499. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64751);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0862\");\n script_bugtraq_id(53720);\n script_xref(name:\"RHSA\", value:\"2013:0499\");\n\n script_name(english:\"RHEL 6 : xinetd (RHSA-2013:0499)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated xinetd package that fixes one security issue and two bugs\nis now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe xinetd package provides a secure replacement for inetd, the\nInternet services daemon. xinetd provides access control for all\nservices based on the address of the remote host and/or on time of\naccess, and can prevent denial-of-access attacks.\n\nWhen xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Prior to this update, a file descriptor array in the service.c\nsource file was not handled as expected. As a consequence, some of the\ndescriptors remained open when xinetd was under heavy load.\nAdditionally, the system log was filled with a large number of\nmessages that took up a lot of disk space over time. This update\nmodifies the xinetd code to handle the file descriptors correctly and\nmessages no longer fill the system log. (BZ#790036)\n\n* Prior to this update, services were disabled permanently when their\nCPS limit was reached. As a consequence, a failed bind operation could\noccur when xinetd attempted to restart the service. This update adds\nadditional logic that attempts to restart the service. Now, the\nservice is only disabled if xinetd cannot restart the service after 30\nattempts. (BZ#809271)\n\nAll users of xinetd are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0499\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0862\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xinetd and / or xinetd-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xinetd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0499\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"xinetd-2.3.14-38.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"xinetd-2.3.14-38.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"xinetd-2.3.14-38.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"xinetd-debuginfo-2.3.14-38.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"xinetd-debuginfo-2.3.14-38.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"xinetd-debuginfo-2.3.14-38.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xinetd / xinetd-debuginfo\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-06T09:28:58", "description": "An updated xinetd package that fixes one security issue and two bugs\nis now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe xinetd package provides a secure replacement for inetd, the\nInternet services daemon. xinetd provides access control for all\nservices based on the address of the remote host and/or on time of\naccess, and can prevent denial-of-access attacks.\n\nWhen xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Prior to this update, a file descriptor array in the service.c\nsource file was not handled as expected. As a consequence, some of the\ndescriptors remained open when xinetd was under heavy load.\nAdditionally, the system log was filled with a large number of\nmessages that took up a lot of disk space over time. This update\nmodifies the xinetd code to handle the file descriptors correctly and\nmessages no longer fill the system log. (BZ#852274)\n\n* Prior to this update, services were disabled permanently when their\nCPS limit was reached. As a consequence, a failed bind operation could\noccur when xinetd attempted to restart the service. This update adds\nadditional logic that attempts to restart the service. Now, the\nservice is only disabled if xinetd cannot restart the service after 30\nattempts. (BZ#811000)\n\nAll users of xinetd are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.", "edition": 25, "published": "2014-11-12T00:00:00", "title": "CentOS 5 : xinetd (CESA-2013:1302)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "modified": "2014-11-12T00:00:00", "cpe": ["cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:xinetd"], "id": "CENTOS_RHSA-2013-1302.NASL", "href": "https://www.tenable.com/plugins/nessus/79148", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1302 and \n# CentOS Errata and Security Advisory 2013:1302 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79148);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-0862\");\n script_bugtraq_id(53720);\n script_xref(name:\"RHSA\", value:\"2013:1302\");\n\n script_name(english:\"CentOS 5 : xinetd (CESA-2013:1302)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated xinetd package that fixes one security issue and two bugs\nis now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe xinetd package provides a secure replacement for inetd, the\nInternet services daemon. xinetd provides access control for all\nservices based on the address of the remote host and/or on time of\naccess, and can prevent denial-of-access attacks.\n\nWhen xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Prior to this update, a file descriptor array in the service.c\nsource file was not handled as expected. As a consequence, some of the\ndescriptors remained open when xinetd was under heavy load.\nAdditionally, the system log was filled with a large number of\nmessages that took up a lot of disk space over time. This update\nmodifies the xinetd code to handle the file descriptors correctly and\nmessages no longer fill the system log. (BZ#852274)\n\n* Prior to this update, services were disabled permanently when their\nCPS limit was reached. As a consequence, a failed bind operation could\noccur when xinetd attempted to restart the service. This update adds\nadditional logic that attempts to restart the service. Now, the\nservice is only disabled if xinetd cannot restart the service after 30\nattempts. (BZ#811000)\n\nAll users of xinetd are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2013-October/000881.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29e73c77\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xinetd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0862\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"xinetd-2.3.14-19.el5\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xinetd\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T13:13:03", "description": "An updated xinetd package that fixes one security issue and two bugs\nis now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe xinetd package provides a secure replacement for inetd, the\nInternet services daemon. xinetd provides access control for all\nservices based on the address of the remote host and/or on time of\naccess, and can prevent denial-of-access attacks.\n\nWhen xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Prior to this update, a file descriptor array in the service.c\nsource file was not handled as expected. As a consequence, some of the\ndescriptors remained open when xinetd was under heavy load.\nAdditionally, the system log was filled with a large number of\nmessages that took up a lot of disk space over time. This update\nmodifies the xinetd code to handle the file descriptors correctly and\nmessages no longer fill the system log. (BZ#852274)\n\n* Prior to this update, services were disabled permanently when their\nCPS limit was reached. As a consequence, a failed bind operation could\noccur when xinetd attempted to restart the service. This update adds\nadditional logic that attempts to restart the service. Now, the\nservice is only disabled if xinetd cannot restart the service after 30\nattempts. (BZ#811000)\n\nAll users of xinetd are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.", "edition": 25, "published": "2013-10-01T00:00:00", "title": "RHEL 5 : xinetd (RHSA-2013:1302)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "modified": "2013-10-01T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:xinetd-debuginfo", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:xinetd"], "id": "REDHAT-RHSA-2013-1302.NASL", "href": "https://www.tenable.com/plugins/nessus/70243", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:1302. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70243);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0862\");\n script_bugtraq_id(53720);\n script_xref(name:\"RHSA\", value:\"2013:1302\");\n\n script_name(english:\"RHEL 5 : xinetd (RHSA-2013:1302)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated xinetd package that fixes one security issue and two bugs\nis now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe xinetd package provides a secure replacement for inetd, the\nInternet services daemon. xinetd provides access control for all\nservices based on the address of the remote host and/or on time of\naccess, and can prevent denial-of-access attacks.\n\nWhen xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this\nissue.\n\nThis update also fixes the following bugs :\n\n* Prior to this update, a file descriptor array in the service.c\nsource file was not handled as expected. As a consequence, some of the\ndescriptors remained open when xinetd was under heavy load.\nAdditionally, the system log was filled with a large number of\nmessages that took up a lot of disk space over time. This update\nmodifies the xinetd code to handle the file descriptors correctly and\nmessages no longer fill the system log. (BZ#852274)\n\n* Prior to this update, services were disabled permanently when their\nCPS limit was reached. As a consequence, a failed bind operation could\noccur when xinetd attempted to restart the service. This update adds\nadditional logic that attempts to restart the service. Now, the\nservice is only disabled if xinetd cannot restart the service after 30\nattempts. (BZ#811000)\n\nAll users of xinetd are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:1302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0862\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xinetd and / or xinetd-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xinetd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:1302\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"xinetd-2.3.14-19.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"xinetd-2.3.14-19.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"xinetd-2.3.14-19.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"xinetd-debuginfo-2.3.14-19.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"xinetd-debuginfo-2.3.14-19.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"xinetd-debuginfo-2.3.14-19.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xinetd / xinetd-debuginfo\");\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T11:54:04", "description": "A security issue was identified and fixed in xinetd :\n\nbuiltins.c in Xinetd before 2.3.15 does not check the service type\nwhen the tcpmux-server service is enabled, which exposes all enabled\nservices and allows remote attackers to bypass intended access\nrestrictions via a request to tcpmux port 1 (CVE-2012-0862).\n\nThe updated packages have been upgraded to the 2.3.15 version which is\nnot vulnerble to this issue.", "edition": 25, "published": "2013-04-20T00:00:00", "title": "Mandriva Linux Security Advisory : xinetd (MDVSA-2013:057)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "modified": "2013-04-20T00:00:00", "cpe": ["cpe:/o:mandriva:business_server:1", "p-cpe:/a:mandriva:linux:xinetd", "p-cpe:/a:mandriva:linux:xinetd-simple-services"], "id": "MANDRIVA_MDVSA-2013-057.NASL", "href": "https://www.tenable.com/plugins/nessus/66071", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:057. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66071);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0862\");\n script_bugtraq_id(53720);\n script_xref(name:\"MDVSA\", value:\"2013:057\");\n\n script_name(english:\"Mandriva Linux Security Advisory : xinetd (MDVSA-2013:057)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security issue was identified and fixed in xinetd :\n\nbuiltins.c in Xinetd before 2.3.15 does not check the service type\nwhen the tcpmux-server service is enabled, which exposes all enabled\nservices and allows remote attackers to bypass intended access\nrestrictions via a request to tcpmux port 1 (CVE-2012-0862).\n\nThe updated packages have been upgraded to the 2.3.15 version which is\nnot vulnerble to this issue.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xinetd and / or xinetd-simple-services packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:xinetd-simple-services\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"xinetd-2.3.15-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"xinetd-simple-services-2.3.15-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T13:47:50", "description": "When xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nThis update also fixes the following bugs :\n\n - Prior to this update, a file descriptor array in the\n service.c source file was not handled as expected. As a\n consequence, some of the descriptors remained open when\n xinetd was under heavy load. Additionally, the system\n log was filled with a large number of messages that took\n up a lot of disk space over time. This update modifies\n the xinetd code to handle the file descriptors correctly\n and messages no longer fill the system log.\n\n - Prior to this update, services were disabled permanently\n when their CPS limit was reached. As a consequence, a\n failed bind operation could occur when xinetd attempted\n to restart the service. This update adds additional\n logic that attempts to restart the service. Now, the\n service is only disabled if xinetd cannot restart the\n service after 30 attempts.", "edition": 15, "published": "2013-10-10T00:00:00", "title": "Scientific Linux Security Update : xinetd on SL5.x i386/x86_64 (20130930)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "modified": "2013-10-10T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:xinetd", "p-cpe:/a:fermilab:scientific_linux:xinetd-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20130930_XINETD_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/70364", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70364);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0862\");\n\n script_name(english:\"Scientific Linux Security Update : xinetd on SL5.x i386/x86_64 (20130930)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS'\ntype, and the tcpmux-server service is enabled, those services are\naccessible via port 1. It was found that enabling the tcpmux-server\nservice (it is disabled by default) allowed every xinetd service,\nincluding those that are not configured with the 'TCPMUX' or\n'TCPMUXPLUS' type, to be accessible via port 1. This could allow a\nremote attacker to bypass intended firewall restrictions.\n(CVE-2012-0862)\n\nThis update also fixes the following bugs :\n\n - Prior to this update, a file descriptor array in the\n service.c source file was not handled as expected. As a\n consequence, some of the descriptors remained open when\n xinetd was under heavy load. Additionally, the system\n log was filled with a large number of messages that took\n up a lot of disk space over time. This update modifies\n the xinetd code to handle the file descriptors correctly\n and messages no longer fill the system log.\n\n - Prior to this update, services were disabled permanently\n when their CPS limit was reached. As a consequence, a\n failed bind operation could occur when xinetd attempted\n to restart the service. This update adds additional\n logic that attempts to restart the service. Now, the\n service is only disabled if xinetd cannot restart the\n service after 30 attempts.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1310&L=scientific-linux-errata&T=0&P=439\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?748b03fa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xinetd and / or xinetd-debuginfo packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xinetd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:xinetd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"xinetd-2.3.14-19.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xinetd-debuginfo-2.3.14-19.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xinetd / xinetd-debuginfo\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "centos": [{"lastseen": "2020-10-30T13:23:13", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0862"], "description": "**CentOS Errata and Security Advisory** CESA-2013:0499\n\n\nThe xinetd package provides a secure replacement for inetd, the Internet\nservices daemon. xinetd provides access control for all services based on\nthe address of the remote host and/or on time of access, and can prevent\ndenial-of-access attacks.\n\nWhen xinetd services are configured with the \"TCPMUX\" or \"TCPMUXPLUS\" type,\nand the tcpmux-server service is enabled, those services are accessible via\nport 1. It was found that enabling the tcpmux-server service (it is\ndisabled by default) allowed every xinetd service, including those that are\nnot configured with the \"TCPMUX\" or \"TCPMUXPLUS\" type, to be accessible via\nport 1. This could allow a remote attacker to bypass intended firewall\nrestrictions. (CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this issue.\n\nThis update also fixes the following bugs:\n\n* Prior to this update, a file descriptor array in the service.c source\nfile was not handled as expected. As a consequence, some of the descriptors\nremained open when xinetd was under heavy load. Additionally, the system\nlog was filled with a large number of messages that took up a lot of disk\nspace over time. This update modifies the xinetd code to handle the file\ndescriptors correctly and messages no longer fill the system log.\n(BZ#790036)\n\n* Prior to this update, services were disabled permanently when their CPS\nlimit was reached. As a consequence, a failed bind operation could occur\nwhen xinetd attempted to restart the service. This update adds additional\nlogic that attempts to restart the service. Now, the service is only\ndisabled if xinetd cannot restart the service after 30 attempts.\n(BZ#809271)\n\nAll users of xinetd are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-March/031590.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-February/006944.html\n\n**Affected packages:**\nxinetd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-0499.html", "edition": 7, "modified": "2013-03-09T00:43:38", "published": "2013-02-27T19:40:03", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-February/006944.html", "id": "CESA-2013:0499", "title": "xinetd security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-12-20T18:26:41", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0862"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1302\n\n\nThe xinetd package provides a secure replacement for inetd, the Internet\nservices daemon. xinetd provides access control for all services based on\nthe address of the remote host and/or on time of access, and can prevent\ndenial-of-access attacks.\n\nWhen xinetd services are configured with the \"TCPMUX\" or \"TCPMUXPLUS\" type,\nand the tcpmux-server service is enabled, those services are accessible via\nport 1. It was found that enabling the tcpmux-server service (it is\ndisabled by default) allowed every xinetd service, including those that are\nnot configured with the \"TCPMUX\" or \"TCPMUXPLUS\" type, to be accessible via\nport 1. This could allow a remote attacker to bypass intended firewall\nrestrictions. (CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this issue.\n\nThis update also fixes the following bugs:\n\n* Prior to this update, a file descriptor array in the service.c source\nfile was not handled as expected. As a consequence, some of the descriptors\nremained open when xinetd was under heavy load. Additionally, the system\nlog was filled with a large number of messages that took up a lot of disk\nspace over time. This update modifies the xinetd code to handle the file\ndescriptors correctly and messages no longer fill the system log.\n(BZ#852274)\n\n* Prior to this update, services were disabled permanently when their CPS\nlimit was reached. As a consequence, a failed bind operation could occur\nwhen xinetd attempted to restart the service. This update adds additional\nlogic that attempts to restart the service. Now, the service is only\ndisabled if xinetd cannot restart the service after 30 attempts.\n(BZ#811000)\n\nAll users of xinetd are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-October/007081.html\n\n**Affected packages:**\nxinetd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1302.html", "edition": 3, "modified": "2013-10-07T13:02:36", "published": "2013-10-07T13:02:36", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2013-October/007081.html", "id": "CESA-2013:1302", "title": "xinetd security update", "type": "centos", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-10-30T13:23:24", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4342"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1409\n\n\nThe xinetd package provides a secure replacement for inetd, the Internet\nservices daemon. xinetd provides access control for all services based on\nthe address of the remote host and/or on time of access, and can prevent\ndenial-of-access attacks.\n\nIt was found that xinetd ignored the user and group configuration\ndirectives for services running under the tcpmux-server service. This flaw\ncould cause the associated services to run as root. If there was a flaw in\nsuch a service, a remote attacker could use it to execute arbitrary code\nwith the privileges of the root user. (CVE-2013-4342)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this issue.\n\nAll xinetd users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-October/032005.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-October/007087.html\n\n**Affected packages:**\nxinetd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1409.html", "edition": 85, "modified": "2013-10-08T12:40:14", "published": "2013-10-07T21:45:03", "href": "http://lists.centos.org/pipermail/centos-announce/2013-October/032005.html", "id": "CESA-2013:1409", "title": "xinetd security update", "type": "centos", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:06", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0862"], "description": "The xinetd package provides a secure replacement for inetd, the Internet\nservices daemon. xinetd provides access control for all services based on\nthe address of the remote host and/or on time of access, and can prevent\ndenial-of-access attacks.\n\nWhen xinetd services are configured with the \"TCPMUX\" or \"TCPMUXPLUS\" type,\nand the tcpmux-server service is enabled, those services are accessible via\nport 1. It was found that enabling the tcpmux-server service (it is\ndisabled by default) allowed every xinetd service, including those that are\nnot configured with the \"TCPMUX\" or \"TCPMUXPLUS\" type, to be accessible via\nport 1. This could allow a remote attacker to bypass intended firewall\nrestrictions. (CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this issue.\n\nThis update also fixes the following bugs:\n\n* Prior to this update, a file descriptor array in the service.c source\nfile was not handled as expected. As a consequence, some of the descriptors\nremained open when xinetd was under heavy load. Additionally, the system\nlog was filled with a large number of messages that took up a lot of disk\nspace over time. This update modifies the xinetd code to handle the file\ndescriptors correctly and messages no longer fill the system log.\n(BZ#852274)\n\n* Prior to this update, services were disabled permanently when their CPS\nlimit was reached. As a consequence, a failed bind operation could occur\nwhen xinetd attempted to restart the service. This update adds additional\nlogic that attempts to restart the service. Now, the service is only\ndisabled if xinetd cannot restart the service after 30 attempts.\n(BZ#811000)\n\nAll users of xinetd are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n", "modified": "2017-09-08T12:13:53", "published": "2013-09-30T20:52:28", "id": "RHSA-2013:1302", "href": "https://access.redhat.com/errata/RHSA-2013:1302", "type": "redhat", "title": "(RHSA-2013:1302) Low: xinetd security and bug fix update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-08-13T18:46:31", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0862"], "description": "The xinetd package provides a secure replacement for inetd, the Internet\nservices daemon. xinetd provides access control for all services based on\nthe address of the remote host and/or on time of access, and can prevent\ndenial-of-access attacks.\n\nWhen xinetd services are configured with the \"TCPMUX\" or \"TCPMUXPLUS\" type,\nand the tcpmux-server service is enabled, those services are accessible via\nport 1. It was found that enabling the tcpmux-server service (it is\ndisabled by default) allowed every xinetd service, including those that are\nnot configured with the \"TCPMUX\" or \"TCPMUXPLUS\" type, to be accessible via\nport 1. This could allow a remote attacker to bypass intended firewall\nrestrictions. (CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this issue.\n\nThis update also fixes the following bugs:\n\n* Prior to this update, a file descriptor array in the service.c source\nfile was not handled as expected. As a consequence, some of the descriptors\nremained open when xinetd was under heavy load. Additionally, the system\nlog was filled with a large number of messages that took up a lot of disk\nspace over time. This update modifies the xinetd code to handle the file\ndescriptors correctly and messages no longer fill the system log.\n(BZ#790036)\n\n* Prior to this update, services were disabled permanently when their CPS\nlimit was reached. As a consequence, a failed bind operation could occur\nwhen xinetd attempted to restart the service. This update adds additional\nlogic that attempts to restart the service. Now, the service is only\ndisabled if xinetd cannot restart the service after 30 attempts.\n(BZ#809271)\n\nAll users of xinetd are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n", "modified": "2018-06-06T20:24:25", "published": "2013-02-21T05:00:00", "id": "RHSA-2013:0499", "href": "https://access.redhat.com/errata/RHSA-2013:0499", "type": "redhat", "title": "(RHSA-2013:0499) Low: xinetd security and bug fix update", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-08-13T18:45:00", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4342"], "description": "The xinetd package provides a secure replacement for inetd, the Internet\nservices daemon. xinetd provides access control for all services based on\nthe address of the remote host and/or on time of access, and can prevent\ndenial-of-access attacks.\n\nIt was found that xinetd ignored the user and group configuration\ndirectives for services running under the tcpmux-server service. This flaw\ncould cause the associated services to run as root. If there was a flaw in\nsuch a service, a remote attacker could use it to execute arbitrary code\nwith the privileges of the root user. (CVE-2013-4342)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this issue.\n\nAll xinetd users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n", "modified": "2018-06-06T20:24:20", "published": "2013-10-07T04:00:00", "id": "RHSA-2013:1409", "href": "https://access.redhat.com/errata/RHSA-2013:1409", "type": "redhat", "title": "(RHSA-2013:1409) Moderate: xinetd security update", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:24", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0862"], "description": "[2:2.3.14-38]\n- CVE-2012-0862 xinetd: enables unintentional services over tcpmux port\n- Resolves: #883653\n[2:2.3.14-37]\n- Fix changelog entry\n- Related: #809271\n[2:2.3.14-36]\n- Fix: Service disabled due to bind failure\n- Resolves: #809271", "edition": 4, "modified": "2013-02-22T00:00:00", "published": "2013-02-22T00:00:00", "id": "ELSA-2013-0499", "href": "http://linux.oracle.com/errata/ELSA-2013-0499.html", "title": "xinetd security and bug fix update", "type": "oraclelinux", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:23", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0862"], "description": "[2:2.3.14-19]\r\n- Correctly backport patches that fix the descriptor leakage\r\n- Related: #852274\r\n \n[-2:2.3.14-18]\r\n- Fix leaking file descriptors (#852274)\r\n- Fix: Service disabled due to bind failure (#811000)\r\n- CVE-2012-0862 xinetd: enables unintentional services over tcpmux port (#788795)", "edition": 4, "modified": "2013-10-02T00:00:00", "published": "2013-10-02T00:00:00", "id": "ELSA-2013-1302", "href": "http://linux.oracle.com/errata/ELSA-2013-1302.html", "title": "xinetd security and bug fix update", "type": "oraclelinux", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:39", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4342"], "description": "[2:2.3.14-39]\n- Honor user and group directives\n- Resolves: CVE-2013-4342", "edition": 4, "modified": "2013-10-07T00:00:00", "published": "2013-10-07T00:00:00", "id": "ELSA-2013-1409", "href": "http://linux.oracle.com/errata/ELSA-2013-1409.html", "title": "xinetd security update", "type": "oraclelinux", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T17:51:26", "description": "BUGTRAQ ID: 53720\r\nCVE ID: CVE-2012-0862\r\n\r\nXinetd\u662f\u4e00\u4e2a\u6765\u6e90\u4e8eBSD inetd\u7684\u5b89\u5168\u66ff\u4ee3\u4ea7\u54c1\uff0c\u6700\u521d\u662f\u7531panos@cs.colorado.edu\u5f00\u53d1\u7684\u3002\r\n\r\nXinetd\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u5728\u542f\u7528\u4e86tcpmux-server\u8bbf\u95ee\u540e\uff0cxinetd\u6ca1\u6709\u914d\u7f6e\u670d\u52a1\uff0c\u800c\u662f\u5229\u7528tcpmux\u7aef\u53e3\u516c\u5f00\u4e86\u6240\u6709\u542f\u7528\u7684\u670d\u52a1\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u7ed5\u8fc7\u9632\u706b\u5899\u7684\u5b89\u5168\u9650\u5236\uff0c\u901a\u8fc7tcpmux\u7aef\u53e3\u8bbf\u95ee\u670d\u52a1\u3002\n0\nXinetd < 2.3.15\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nXinetd\r\n------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.xinetd.org/", "published": "2012-05-30T00:00:00", "type": "seebug", "title": "Xinetd < 2.3.15 \u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-0862"], "modified": "2012-05-30T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-60170", "id": "SSV:60170", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:44", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0862"], "description": "\nThomas Swan reports:\n\nxinetd allows for services to be configured with the TCPMUX\n\t or TCPMUXPLUS service types, which makes those services\n\t available on port 1, as per RFC 1078 [1], if the tcpmux-server\n\t service is enabled. When the tcpmux-server service is enabled,\n\t xinetd would expose _all_ enabled services via the tcpmux port,\n\t instead of just the configured service(s). This could allow\n\t a remote attacker to bypass firewall restrictions and access\n\t services via the tcpmux port.\n\n", "edition": 4, "modified": "2012-02-15T00:00:00", "published": "2012-02-15T00:00:00", "id": "E11955CA-187C-11E2-BE36-00215AF774F0", "href": "https://vuxml.freebsd.org/freebsd/e11955ca-187c-11e2-be36-00215af774f0.html", "title": "xinetd -- attackers can bypass access restrictions if tcpmux-servers service enabled", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:33:33", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4342"], "description": "\nxinetd would execute configured TCPMUX services without dropping\n\t privilege to match the service configuration allowing the service to\n\t run with same privilege as the xinetd process (root).\n", "edition": 4, "modified": "2005-08-23T00:00:00", "published": "2005-08-23T00:00:00", "id": "5C34664F-2C2B-11E3-87C2-00215AF774F0", "href": "https://vuxml.freebsd.org/freebsd/5c34664f-2c2b-11e3-87c2-00215af774f0.html", "title": "xinetd -- ignores user and group directives for TCPMUX services", "type": "freebsd", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0862"], "description": "Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote host and/or on time of access and can prevent denial-of-access attacks. Xinetd provides extensive logging, has no limit on the number of server arguments, and lets you bind specific services to specific IP addresses on your host machine. Each service has its own specific configuration file for Xinetd; the files are located in the /etc/xinetd.d directory. ", "modified": "2012-05-29T10:28:15", "published": "2012-05-29T10:28:15", "id": "FEDORA:667F320DED", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: xinetd-2.3.14-37.fc15", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0862"], "description": "Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote host and/or on time of access and can prevent denial-of-access attacks. Xinetd provides extensive logging, has no limit on the number of server arguments, and lets you bind specific services to specific IP addresses on your host machine. Each service has its own specific configuration file for Xinetd; the files are located in the /etc/xinetd.d directory. ", "modified": "2012-05-29T10:23:48", "published": "2012-05-29T10:23:48", "id": "FEDORA:278D3208C3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: xinetd-2.3.14-47.fc16", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4342"], "description": "Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote host and/or on time of access and can prevent denial-of-access attacks. Xinetd provides extensive logging, has no limit on the number of server arguments, and lets you bind specific services to specific IP addresses on your host machine. Each service has its own specific configuration file for Xinetd; the files are located in the /etc/xinetd.d directory. ", "modified": "2013-10-11T23:56:28", "published": "2013-10-11T23:56:28", "id": "FEDORA:E76F022666", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: xinetd-2.3.15-8.fc19", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4342"], "description": "Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote host and/or on time of access and can prevent denial-of-access attacks. Xinetd provides extensive logging, has no limit on the number of server arguments, and lets you bind specific services to specific IP addresses on your host machine. Each service has its own specific configuration file for Xinetd; the files are located in the /etc/xinetd.d directory. ", "modified": "2013-10-12T04:28:04", "published": "2013-10-12T04:28:04", "id": "FEDORA:186FD23057", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: xinetd-2.3.15-8.fc20", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2018-01-06T13:07:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "Check for the Version of xinetd", "modified": "2018-01-04T00:00:00", "published": "2012-06-01T00:00:00", "id": "OPENVAS:864264", "href": "http://plugins.openvas.org/nasl.php?oid=864264", "type": "openvas", "title": "Fedora Update for xinetd FEDORA-2012-8041", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xinetd FEDORA-2012-8041\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xinetd on Fedora 15\";\ntag_insight = \"Xinetd is a secure replacement for inetd, the Internet services\n daemon. Xinetd provides access control for all services based on the\n address of the remote host and/or on time of access and can prevent\n denial-of-access attacks. Xinetd provides extensive logging, has no\n limit on the number of server arguments, and lets you bind specific\n services to specific IP addresses on your host machine. Each service\n has its own specific configuration file for Xinetd; the files are\n located in the /etc/xinetd.d directory.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081446.html\");\n script_id(864264);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-01 09:50:12 +0530 (Fri, 01 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-0862\");\n script_xref(name: \"FEDORA\", value: \"2012-8041\");\n script_name(\"Fedora Update for xinetd FEDORA-2012-8041\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xinetd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"xinetd\", rpm:\"xinetd~2.3.14~37.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-19T15:09:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "Check for the Version of xinetd", "modified": "2018-01-19T00:00:00", "published": "2013-10-03T00:00:00", "id": "OPENVAS:871043", "href": "http://plugins.openvas.org/nasl.php?oid=871043", "type": "openvas", "title": "RedHat Update for xinetd RHSA-2013:1302-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for xinetd RHSA-2013:1302-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(871043);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-10-03 10:17:04 +0530 (Thu, 03 Oct 2013)\");\n script_cve_id(\"CVE-2012-0862\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"RedHat Update for xinetd RHSA-2013:1302-01\");\n\n tag_insight = \"The xinetd package provides a secure replacement for inetd, the Internet\nservices daemon. xinetd provides access control for all services based on\nthe address of the remote host and/or on time of access, and can prevent\ndenial-of-access attacks.\n\nWhen xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS' type,\nand the tcpmux-server service is enabled, those services are accessible via\nport 1. It was found that enabling the tcpmux-server service (it is\ndisabled by default) allowed every xinetd service, including those that are\nnot configured with the 'TCPMUX' or 'TCPMUXPLUS' type, to be accessible via\nport 1. This could allow a remote attacker to bypass intended firewall\nrestrictions. (CVE-2012-0862)\n\nRed Hat would like to thank Thomas Swan of FedEx for reporting this issue.\n\nThis update also fixes the following bugs:\n\n* Prior to this update, a file descriptor array in the service.c source\nfile was not handled as expected. As a consequence, some of the descriptors\nremained open when xinetd was under heavy load. Additionally, the system\nlog was filled with a large number of messages that took up a lot of disk\nspace over time. This update modifies the xinetd code to handle the file\ndescriptors correctly and messages no longer fill the system log.\n(BZ#852274)\n\n* Prior to this update, services were disabled permanently when their CPS\nlimit was reached. As a consequence, a failed bind operation could occur\nwhen xinetd attempted to restart the service. This update adds additional\nlogic that attempts to restart the service. Now, the service is only\ndisabled if xinetd cannot restart the service after 30 attempts.\n(BZ#811000)\n\nAll users of xinetd are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\";\n\n tag_affected = \"xinetd on Red Hat Enterprise Linux (v. 5 server)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2013:1302-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2013-September/msg00049.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of xinetd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xinetd\", rpm:\"xinetd~2.3.14~19.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xinetd-debuginfo\", rpm:\"xinetd-debuginfo~2.3.14~19.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:36:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "Oracle Linux Local Security Checks ELSA-2013-0499", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123709", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123709", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0499", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0499.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123709\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:31 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0499\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0499 - xinetd security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0499\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0499.html\");\n script_cve_id(\"CVE-2012-0862\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"xinetd\", rpm:\"xinetd~2.3.14~38.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-02T21:10:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2017-04-13T00:00:00", "published": "2012-10-22T00:00:00", "id": "OPENVAS:72502", "href": "http://plugins.openvas.org/nasl.php?oid=72502", "type": "openvas", "title": "FreeBSD Ports: xinetd", "sourceData": "#\n#VID e11955ca-187c-11e2-be36-00215af774f0\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID e11955ca-187c-11e2-be36-00215af774f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: xinetd\n\nCVE-2012-0862\nbuiltins.c in Xinetd before 2.3.15 does not check the service type\nwhen the tcpmux-server service is enabled, which exposes all enabled\nservices and allows remote attackers to bypass intended access\nrestrictions via a request to tcpmux port 1.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttps://bugzilla.redhat.com/show_bug.cgi?id=790940\nhttp://www.vuxml.org/freebsd/e11955ca-187c-11e2-be36-00215af774f0.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(72502);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-0862\");\n script_version(\"$Revision: 5950 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-13 11:02:06 +0200 (Thu, 13 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-22 08:43:21 -0400 (Mon, 22 Oct 2012)\");\n script_name(\"FreeBSD Ports: xinetd\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"xinetd\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.3.15\")<0) {\n txt += \"Package xinetd version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:57:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "Check for the Version of xinetd", "modified": "2018-01-01T00:00:00", "published": "2012-10-03T00:00:00", "id": "OPENVAS:831736", "href": "http://plugins.openvas.org/nasl.php?oid=831736", "type": "openvas", "title": "Mandriva Update for xinetd MDVSA-2012:155-1 (xinetd)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for xinetd MDVSA-2012:155-1 (xinetd)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A security issue was identified and fixed in xinetd:\n\n builtins.c in Xinetd before 2.3.15 does not check the service type\n when the tcpmux-server service is enabled, which exposes all enabled\n services and allows remote attackers to bypass intended access\n restrictions via a request to tcpmux port 1 (CVE-2012-0862).\n\n The updated packages have been patched to correct this issue.\";\n\ntag_affected = \"xinetd on Mandriva Linux 2011.0\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:155-1\");\n script_id(831736);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:25:23 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2012-0862\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"MDVSA\", value: \"2012:155-1\");\n script_name(\"Mandriva Update for xinetd MDVSA-2012:155-1 (xinetd)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xinetd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"xinetd\", rpm:\"xinetd~2.3.14~13.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xinetd-simple-services\", rpm:\"xinetd-simple-services~2.3.14~13.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "modified": "2018-10-05T00:00:00", "published": "2012-10-22T00:00:00", "id": "OPENVAS:136141256231072502", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231072502", "type": "openvas", "title": "FreeBSD Ports: xinetd", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_xinetd.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID e11955ca-187c-11e2-be36-00215af774f0\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.72502\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-0862\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-22 08:43:21 -0400 (Mon, 22 Oct 2012)\");\n script_name(\"FreeBSD Ports: xinetd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: xinetd\n\nCVE-2012-0862\nbuiltins.c in Xinetd before 2.3.15 does not check the service type\nwhen the tcpmux-server service is enabled, which exposes all enabled\nservices and allows remote attackers to bypass intended access\nrestrictions via a request to tcpmux port 1.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=790940\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/e11955ca-187c-11e2-be36-00215af774f0.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"xinetd\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.3.15\")<0) {\n txt += \"Package xinetd version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "Oracle Linux Local Security Checks ELSA-2013-1302", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123563", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123563", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-1302", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-1302.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123563\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:05:34 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-1302\");\n script_tag(name:\"insight\", value:\"ELSA-2013-1302 - xinetd security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-1302\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-1302.html\");\n script_cve_id(\"CVE-2012-0862\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"xinetd\", rpm:\"xinetd~2.3.14~19.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2012-10-03T00:00:00", "id": "OPENVAS:1361412562310831736", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831736", "type": "openvas", "title": "Mandriva Update for xinetd MDVSA-2012:155-1 (xinetd)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for xinetd MDVSA-2012:155-1 (xinetd)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:155-1\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831736\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-10-03 09:25:23 +0530 (Wed, 03 Oct 2012)\");\n script_cve_id(\"CVE-2012-0862\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"MDVSA\", value:\"2012:155-1\");\n script_name(\"Mandriva Update for xinetd MDVSA-2012:155-1 (xinetd)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xinetd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_2011\\.0\");\n script_tag(name:\"affected\", value:\"xinetd on Mandriva Linux 2011.0\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A security issue was identified and fixed in xinetd:\n\n builtins.c in Xinetd before 2.3.15 does not check the service type\n when the tcpmux-server service is enabled, which exposes all enabled\n services and allows remote attackers to bypass intended access\n restrictions via a request to tcpmux port 1 (CVE-2012-0862).\n\n The updated packages have been patched to correct this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"xinetd\", rpm:\"xinetd~2.3.14~13.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xinetd-simple-services\", rpm:\"xinetd-simple-services~2.3.14~13.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-06-01T00:00:00", "id": "OPENVAS:1361412562310864264", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864264", "type": "openvas", "title": "Fedora Update for xinetd FEDORA-2012-8041", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xinetd FEDORA-2012-8041\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081446.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864264\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-01 09:50:12 +0530 (Fri, 01 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-0862\");\n script_xref(name:\"FEDORA\", value:\"2012-8041\");\n script_name(\"Fedora Update for xinetd FEDORA-2012-8041\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xinetd'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"xinetd on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"xinetd\", rpm:\"xinetd~2.3.14~37.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-08T12:58:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0862"], "description": "Check for the Version of xinetd", "modified": "2018-01-08T00:00:00", "published": "2012-06-01T00:00:00", "id": "OPENVAS:864267", "href": "http://plugins.openvas.org/nasl.php?oid=864267", "type": "openvas", "title": "Fedora Update for xinetd FEDORA-2012-8061", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xinetd FEDORA-2012-8061\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xinetd on Fedora 16\";\ntag_insight = \"Xinetd is a secure replacement for inetd, the Internet services\n daemon. Xinetd provides access control for all services based on the\n address of the remote host and/or on time of access and can prevent\n denial-of-access attacks. Xinetd provides extensive logging, has no\n limit on the number of server arguments, and lets you bind specific\n services to specific IP addresses on your host machine. Each service\n has its own specific configuration file for Xinetd; the files are\n located in the /etc/xinetd.d directory.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081428.html\");\n script_id(864267);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-01 09:50:17 +0530 (Fri, 01 Jun 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2012-0862\");\n script_xref(name: \"FEDORA\", value: \"2012-8061\");\n script_name(\"Fedora Update for xinetd FEDORA-2012-8061\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xinetd\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"xinetd\", rpm:\"xinetd~2.3.14~47.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "gentoo": [{"lastseen": "2016-11-15T08:54:36", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4342"], "edition": 1, "description": "### Background\n\nxinetd is a secure replacement for inetd.\n\n### Description\n\nXinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root. \n\n### Impact\n\nAttackers could escalate privileges outside of the running process.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll xinetd users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --verbose --oneshot \">=sys-apps/xinetd-2.3.15-r2\"", "modified": "2016-11-15T00:00:00", "published": "2016-11-15T00:00:00", "href": "https://security.gentoo.org/glsa/201611-06", "id": "GLSA-201611-06", "type": "gentoo", "title": "xinetd: Privilege escalation", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2020-11-10T12:34:47", "bulletinFamily": "unix", "cvelist": ["CVE-2013-4342"], "description": "**Issue Overview:**\n\nIt was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitrary code with the privileges of the root user. ([CVE-2013-4342 __](<https://access.redhat.com/security/cve/CVE-2013-4342>))\n\n \n**Affected Packages:** \n\n\nxinetd\n\n \n**Issue Correction:** \nRun _yum update xinetd_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n xinetd-2.3.14-39.9.amzn1.i686 \n xinetd-debuginfo-2.3.14-39.9.amzn1.i686 \n \n src: \n xinetd-2.3.14-39.9.amzn1.src \n \n x86_64: \n xinetd-debuginfo-2.3.14-39.9.amzn1.x86_64 \n xinetd-2.3.14-39.9.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2013-10-16T20:53:00", "published": "2013-10-16T20:53:00", "id": "ALAS-2013-232", "href": "https://alas.aws.amazon.com/ALAS-2013-232.html", "title": "Medium: xinetd", "type": "amazon", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}]}