Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xinetd xinetd - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-0862
builtins.c in Xinetd prior to 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote malicious users to bypass intended access restrictions via a request to tcpmux port 1.
Xinetd Xinetd 2.3.7
Xinetd Xinetd 2.3.8
Xinetd Xinetd 2.3.10
Xinetd Xinetd 2.3.6
Xinetd Xinetd 2.3.11
Xinetd Xinetd 2.3.5
Xinetd Xinetd 2.3.12
Xinetd Xinetd
Xinetd Xinetd 2.3.13
Xinetd Xinetd 2.3.9
NA
CVE-2003-0211
Memory leak in xinetd 2.3.10 allows remote malicious users to cause a denial of service (memory consumption) via a large number of rejected connections.
Xinetd Xinetd 2.3.7
Xinetd Xinetd 2.3.8
Xinetd Xinetd 2.3.1
Xinetd Xinetd 2.3.10
Xinetd Xinetd 2.3.6
Xinetd Xinetd 2.3.0
Xinetd Xinetd 2.3.3
Xinetd Xinetd 2.3.4
Xinetd Xinetd 2.3.5
Xinetd Xinetd 2.3.9
Xinetd Xinetd 2.3.2
1 EDB exploit
NA
CVE-2001-1322
xinetd 2.1.8 and previous versions runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
Xinetd Xinetd 2.1.8.9 Pre15
Xinetd Xinetd 2.1.8.9 Pre10
Xinetd Xinetd 2.1.8.9 Pre5
Xinetd Xinetd 2.1.8.8
Xinetd Xinetd 2.1.8.9 Pre3
Xinetd Xinetd 2.1.8.9 Pre9
Xinetd Xinetd 2.1.8.9 Pre1
Xinetd Xinetd 2.1.8.9 Pre8
Xinetd Xinetd 2.1.8.8 Pre3
Xinetd Xinetd 2.1.8.9 Pre14
Xinetd Xinetd 2.1.8.9 Pre2
Xinetd Xinetd 2.1.8.9 Pre13
Xinetd Xinetd 2.1.8.9 Pre12
Xinetd Xinetd 2.1.8.9 Pre11
Xinetd Xinetd 2.1.8.9 Pre7
Xinetd Xinetd 2.1.8.9 Pre4
NA
CVE-2001-1389
Multiple vulnerabilities in xinetd 2.3.0 and previous versions, and additional variants until 2.3.3, may allow remote malicious users to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination.
Xinetd Xinetd 2.1.8.9 Pre15
Xinetd Xinetd 2.1.8.9 Pre10
Xinetd Xinetd 2.1.8.9 Pre5
Xinetd Xinetd 2.1.8.8
Xinetd Xinetd 2.1.8.9 Pre3
Xinetd Xinetd 2.3.0
Xinetd Xinetd 2.1.8.9 Pre9
Xinetd Xinetd 2.1.8.9 Pre1
Xinetd Xinetd 2.1.8.9 Pre8
Xinetd Xinetd 2.1.8.8 Pre3
Xinetd Xinetd 2.1.8.9 Pre14
Xinetd Xinetd 2.1.8.9 Pre2
Xinetd Xinetd 2.1.8.9 Pre13
Xinetd Xinetd 2.1.8.9 Pre12
Xinetd Xinetd 2.1.8.9 Pre11
Xinetd Xinetd 2.1.8.9 Pre7
NA
CVE-2000-0536
xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry.
Xinetd Xinetd 2.1.88 Pre2
Xinetd Xinetd 2.1.88 Pre1
Xinetd Xinetd 2.1.89 Pre3
Xinetd Xinetd 2.1.89 Pre4
Xinetd Xinetd 2.1.89 Pre2
Xinetd Xinetd 2.1.89 Pre1
Xinetd Xinetd 2.1.89 Pre5
Xinetd Xinetd 2.1.87
Xinetd Xinetd 2.1.88
NA
CVE-2001-0825
Buffer overflow in internal string handling routines of xinetd prior to 2.1.8.8 allows remote malicious users to execute arbitrary commands via a length argument of zero or less, which disables the length check.
Xinetd Xinetd
Xinetd Xinetd 2.1.8.8
Xinetd Xinetd 2.1.8.9
Xinetd Xinetd 2.3.0
NA
CVE-2002-0871
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
Xinetd Xinetd 2.3.6
Xinetd Xinetd 2.3.4
Xinetd Xinetd 2.3.5
NA
CVE-2013-4342
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote malicious users to gain privileges by leveraging another vulnerability in a service.
Xinetd Xinetd -
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 5
NA
CVE-2001-0763
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and previous versions may allow remote malicious users to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
Suse Suse Linux 6.2
Debian Debian Linux
Suse Suse Linux 7.2
Suse Suse Linux 6.0
Suse Suse Linux 6.1
Suse Suse Linux 7.0
Suse Suse Linux 7.1
Suse Suse Linux 6.3
Suse Suse Linux 6.4
1 EDB exploit
9.8
CVSSv3
CVE-2017-12477
It exists that the bpserverd proprietary protocol in Unitrends Backup (UB) prior to 10.0.0, as invoked through xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target ...
Kaseya Unitrends Backup
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »