xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
References
Configurations
History
13 Feb 2023, 04:46
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service. |
02 Feb 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2013-4342 xinetd: ignores user and group directives for tcpmux services | |
References |
|
Information
Published : 2013-10-10 00:55
Updated : 2023-12-10 11:16
NVD link : CVE-2013-4342
Mitre link : CVE-2013-4342
CVE.ORG link : CVE-2013-4342
JSON object : View
Products Affected
redhat
- enterprise_linux
xinetd
- xinetd
CWE
CWE-264
Permissions, Privileges, and Access Controls