CVE-2013-4342
Published: 10 October 2013
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
xinetd Launchpad, Ubuntu, Debian |
artful |
Ignored
(end of life)
|
| bionic |
Not vulnerable
(1:2.3.15-3ubuntu1)
|
|
| cosmic |
Ignored
(end of life)
|
|
| disco |
Not vulnerable
(1:2.3.15-3ubuntu1)
|
|
| eoan |
Not vulnerable
(1:2.3.15-3ubuntu1)
|
|
| focal |
Not vulnerable
(1:2.3.15-3ubuntu1)
|
|
| groovy |
Not vulnerable
(1:2.3.15-3ubuntu1)
|
|
| hirsute |
Not vulnerable
(1:2.3.15-3ubuntu1)
|
|
| lucid |
Ignored
(end of life)
|
|
| precise |
Ignored
(end of life)
|
|
| quantal |
Ignored
(end of life)
|
|
| raring |
Ignored
(end of life)
|
|
| saucy |
Ignored
(end of life)
|
|
| trusty |
Not vulnerable
(1:2.3.15-3ubuntu1)
|
|
| upstream |
Released
(1:2.3.15-2)
|
|
| utopic |
Ignored
(end of life)
|
|
| vivid |
Ignored
(end of life)
|
|
| wily |
Ignored
(end of life)
|
|
| xenial |
Not vulnerable
(1:2.3.15-6)
|
|
| yakkety |
Ignored
(end of life)
|
|
| zesty |
Ignored
(end of life)
|
|
|
Patches: vendor: https://rhn.redhat.com/errata/RHSA-2013-1409.html other: https://github.com/xinetd-org/xinetd/pull/10/files |
||