CyberSec.Space Logo
CVEブラウザに戻る

CVE-2013-4342

HIGH
7.6
CVSS Severity Score
EPSS Score0.1700%
EPSS Percentile24.12th
Published2013年10月10日
Last Modified2026年4月29日

Vulnerability Description

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.

Affected Platforms (CPE)

📦
Xinetd

Xinetd

All versions
💻
Redhat

Enterprise Linux

= 5
💻
Redhat

Enterprise Linux

= 6.0

References & Advisories

🔗 http://rhn.redhat.com/errata/RHSA-2013-1409.html
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1006100
🔗 https://github.com/xinetd-org/xinetd/pull/10
🔗 https://security.gentoo.org/glsa/201611-06
🔗 http://rhn.redhat.com/errata/RHSA-2013-1409.html
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=1006100
🔗 https://github.com/xinetd-org/xinetd/pull/10
🔗 https://security.gentoo.org/glsa/201611-06

関連する脆弱性情報

CVE-2001-082510.0

Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary command...

CVE-2017-124779.8

It was discovered that the bpserverd proprietary protocol in Unitrends Backup (UB) before 10.0.0, as invoked through xinetd, has a...

CVE-2000-05367.5

xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not ha...

CVE-2001-13897.5

Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a d...