10 matches found
MiracleLinux 3 : xinetd-2.3.14-20.AXS3 (AXSA:2013-656:02)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-656:02 advisory. Xinetd is a secure replacement for inetd, the Internet services daemon. Xinetd provides access control for all services based on the address of the remote hos...
Privilege Escalation
xinetd is vulnerable to privilege escalation attacks. The vulnerability exists as xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging anothe...
GLSA-201611-06 : xinetd: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-201611-06 xinetd: Privilege escalation Xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root. Impact : Attackers could escalate privileges outside of...
SUSE SLES10 / SLES11 Security Update : xinetd (SUSE-SU-2014:0871-1)
Xinetd receives a LTSS roll-up update to fix two security issues. - CVE-2012-0862: xinetd enabled all services when tcp multiplexing is used. - CVE-2013-4342: xinetd ignored user and group directives for tcpmux services, running services as root. While both issues are not so problematic on their...
Fedora 19 : xinetd-2.3.15-8.fc19 (2013-18243)
CVE-2013-4342 xinetd: ignores user and group directives for tcpmux services Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
EUVD-2013-4228
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service...
FreeBSD : xinetd -- ignores user and group directives for TCPMUX services (5c34664f-2c2b-11e3-87c2-00215af774f0)
xinetd would execute configured TCPMUX services without dropping privilege to match the service configuration allowing the service to run with same privilege as the xinetd process root. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...