CVE-2012-0862

Published Jun 4, 2012

Last updated 7 years ago

Overview

Description: builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-20

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5133E5DD-16A3-482A-A72E-0703F314C5E2",
            "versionEndIncluding": "2.3.14"
          },
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:2.3.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82CB46D4-DF79-4464-8264-D65D0DA784E9"
          },
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:2.3.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A45BAD0A-2620-4AC2-9774-41D1D6F61F57"
          },
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:2.3.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B48B3E9-43F9-4F83-A7DE-2FDAA10A2DB3"
          },
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:2.3.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D8A6F25-6188-4A27-BAC8-38033A275BBA"
          },
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:2.3.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0E3C40F-C4BB-4518-B839-5A4FB1614679"
          },
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:2.3.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A64D3005-CC91-4517-A4B0-4B1004163900"
          },
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:2.3.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6106B0C-7729-4AE8-821E-04A66638217F"
          },
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:2.3.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBFD5892-FC9A-4909-B5BD-8769F792DD03"
          },
          {
            "criteria": "cpe:2.3:a:xinetd:xinetd:2.3.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E3C6E61-F904-4711-B957-7EC6932A93ED"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References