FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

xinetd -- ignores user and group directives for TCPMUX services

Affected packages
xinetd < 2.3.15_1

Details

VuXML ID 5c34664f-2c2b-11e3-87c2-00215af774f0
Discovery 2005-08-23
Entry 2013-10-03

xinetd would execute configured TCPMUX services without dropping privilege to match the service configuration allowing the service to run with same privilege as the xinetd process (root).

References

CVE Name CVE-2013-4342
URL http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678
URL https://bugzilla.redhat.com/show_bug.cgi?id=1006100

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.