Описание
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:2.3.15-1ubuntu1 |
| bionic | not-affected | 1:2.3.15-1ubuntu1 |
| cosmic | not-affected | 1:2.3.15-1ubuntu1 |
| devel | not-affected | 1:2.3.15-1ubuntu1 |
| disco | not-affected | 1:2.3.15-1ubuntu1 |
| eoan | not-affected | 1:2.3.15-1ubuntu1 |
| esm-apps/bionic | not-affected | 1:2.3.15-1ubuntu1 |
| esm-apps/focal | not-affected | 1:2.3.15-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 1:2.3.15-1ubuntu1 |
| esm-infra/xenial | not-affected | 1:2.3.15-1ubuntu1 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
builtins.c in Xinetd before 2.3.15 does not check the service type whe ...
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
EPSS
4.3 Medium
CVSS2