CVE-2013-4342

Published: 10 October 2013

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.

Priority

Low

Status

Package Release Status
xinetd
Launchpad, Ubuntu, Debian
Upstream
Released (1:2.3.15-2)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(1:2.3.15-3ubuntu1)
Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(1:2.3.15-3ubuntu1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(1:2.3.15-3ubuntu1)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(1:2.3.15-6)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(1:2.3.15-3ubuntu1)
Patches:
Vendor: https://rhn.redhat.com/errata/RHSA-2013-1409.html
Other: https://github.com/xinetd-org/xinetd/pull/10/files