MiracleLinux 3 : xinetd-2.3.14-20.AXS3 (AXSA:2013-656:02)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-656:02 advisory. Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote hos...

MiracleLinux 4 : xinetd-2.3.14-38.AXS4 (AXSA:2013-131:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-131:01 advisory. Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote hos...

EUVD-2012-0887

Malware in sbrugna...

SUSE CVE-2012-0862

builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1...

SUSE: Security Advisory (SUSE-SU-2014:0871-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Privilege Escalation

xinetd is vulnerable to privilege escalation attacks. The vulnerability exists as xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging anothe...

Authorization Bypass

xinetd is vulnerable to authorization bypass. The service type is not verified in builtins.c when the TCPMUX or TCPMUXPLUS type and tcpmux-server service are enabled. This exposes all enabled services and allows remote attackers to bypass access and firewall restrictions via a request to tcpmux...

xinetd: Privilege escalation

Background xinetd is a secure replacement for inetd. Description Xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root. Impact Attackers could escalate privileges outside of the running process. Workaround There is n...

GLSA-201611-06 : xinetd: Privilege escalation

The remote host is affected by the vulnerability described in GLSA-201611-06 xinetd: Privilege escalation Xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root. Impact : Attackers could escalate privileges outside of...

SUSE SLES10 / SLES11 Security Update : xinetd (SUSE-SU-2014:0871-1)

Xinetd receives a LTSS roll-up update to fix two security issues. - CVE-2012-0862: xinetd enabled all services when tcp multiplexing is used. - CVE-2013-4342: xinetd ignored user and group directives for tcpmux services, running services as root. While both issues are not so problematic on their...

BSDI <= 4.0 tcpmux / inetd crash Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/66/info A vulnerability exists in inetd which allows a remote user to crash inetd if the tcpmux service is not commented out of /etc/inetd.conf. The tcpmux service is defined in RFC1078 $ nmap -p 1-64000 -i target host It...

openSUSE Security Update : xinetd (openSUSE-SU-2014:0517-1)

xinetd was updated to receive security fixes and a bug fix. Security issues fixed : - CVE-2013-4342 bnc844230 - xinetd ignored user and group directives for tcpmux services - CVE-2012-0862 bnc762294 - xinetd enabled all services when tcp multiplexing is used Also added support for setting maximum...

Medium: xinetd

Issue Overview: It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitra...

Fedora 19 : xinetd-2.3.15-8.fc19 (2013-18243)

CVE-2013-4342 xinetd: ignores user and group directives for tcpmux services Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...

xinetd privilege escalation

tcpmux-server service is executed with root privileges...

Mandriva Linux Security Advisory : xinetd (MDVSA-2013:248)

Updated xinetd package fixes security vulnerability : It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote...

CVE-2013-4342

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...

CVE-2013-4342

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...

CVE-2013-4342

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...

Default configuration

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...