247 matches found
[ MDVSA-2013:248 ] xinetd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:248 http://www.mandriva.com/en/support/security/ Package : xinetd Date : October 10, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: Updated xinetd package fixes security...
xinetd privilege escalation
tcpmux-server service is executed with root privileges...
[SECURITY] Fedora 19 Update: xinetd-2.3.15-8.fc19
Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote host and/or on time of access and can prevent denial-of-access attacks. Xinetd provides extensive logging, has no limit on the number of serve...
Mandriva Linux Security Advisory : xinetd (MDVSA-2013:248)
Updated xinetd package fixes security vulnerability : It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote...
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
AZL-35352 CVE-2013-4342 affecting package xinetd for versions less than 2.3.15-14
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
AZL-13592 CVE-2013-4342 affecting package xinetd for versions less than 2.3.15-14
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
DEBIAN-CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
Default configuration
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
UBUNTU-CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
EUVD-2013-4228
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
CVE-2013-4342
CVE-2013-4342 affects the xinetd service. The root cause is that TCPMUX services can run with root privileges because user/group directives are not enforced, enabling privilege escalation if a vulnerable service is exploited. Connected advisories note specific package versions: Mariner entries in...
Scientific Linux Security Update : xinetd on SL5.x, SL6.x i386/x86_64 (20131007)
It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitrary code with the...
Scientific Linux Security Update : xinetd on SL5.x i386/x86_64 (20130930)
When xinetd services are configured with the 'TCPMUX' or 'TCPMUXPLUS' type, and the tcpmux-server service is enabled, those services are accessible via port 1. It was found that enabling the tcpmux-server service it is disabled by default allowed every xinetd service, including those that are not...
Updated xinetd package fixes security vulnerability
It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitrary code with the...
MGASA-2013-0302 Updated xinetd package fixes security vulnerability
It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitrary code with the...