Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0536

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2000-0536
Last Modified 05 Sep 2008 04:21:15
Published 04 Jun 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0536

Summary

xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry.

Vulnerable Systems

Application

  • Xinetd 2.1.87

  • Xinetd 2.1.88

  • Xinetd 2.1.88 Pre1

  • Xinetd 2.1.88 Pre2

  • Xinetd 2.1.89 Pre1

  • Xinetd 2.1.89 Pre2

  • Xinetd 2.1.89 Pre3

  • Xinetd 2.1.89 Pre4

  • Xinetd 2.1.89 Pre5


References

XF - xinetd-improper-restrictions

CONFIRM - http://www.synack.net/xinetd/

BID - 1381

DEBIAN - 20000619 xinetd: bug in access control mechanism


Last Updated: 27 May 2016 10:35:45