CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0825

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile39.16th
PublishedDec 6, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check.

Affected Platforms (CPE)

πŸ“¦
Xinetd

Xinetd

<= 2.3.1
πŸ“¦
Xinetd

Xinetd

= 2.1.8.8
πŸ“¦
Xinetd

Xinetd

= 2.1.8.9
πŸ“¦
Xinetd

Xinetd

= 2.3.0

References & Advisories

πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000406
πŸ”— http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-029-01
πŸ”— http://www.redhat.com/support/errata/RHSA-2001-092.html
πŸ”— http://www.securityfocus.com/bid/2971
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/6804
πŸ”— http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000406
πŸ”— http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-029-01
πŸ”— http://www.redhat.com/support/errata/RHSA-2001-092.html

Related Vulnerabilities

CVE-2017-124779.8

It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has a...

CVE-2013-43427.6

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as ...

CVE-2000-05367.5

xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not ha...

CVE-2001-13897.5

Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a d...