CVE-2012-0862

Published: Jun 4, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

1027050

vdb-entry

x_refsource_SECTRACK

[oss-security] 20120509 CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port

mailing-list

x_refsource_MLIST

FEDORA-2012-8041

vendor-advisory

x_refsource_FEDORA

81774

vdb-entry

x_refsource_OSVDB

xinetd-tcpmux-weak-security(75965)

vdb-entry

x_refsource_XF

https://bugzilla.redhat.com/attachment.cgi?id=583311

x_refsource_MISC

RHSA-2013:1302

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=790940

x_refsource_MISC

FEDORA-2012-8061

vendor-advisory

x_refsource_FEDORA

[oss-security] 20120510 Re: CVE-2012-0862 assignment notification: xinetd enables unintentional services over tcpmux port

mailing-list

x_refsource_MLIST

53720

vdb-entry

x_refsource_BID

MDVSA-2012:155

vendor-advisory

x_refsource_MANDRIVA

http://www.xinetd.org/#changes

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2012-0862

Description

Affected Products

References