Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0825

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-0825
Last Modified 10 Sep 2008 03:09:01
Published 06 Dec 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0825

Summary

Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check.

Vulnerable Systems

Application

  • Xinetd 2.1.8.8

  • Xinetd 2.1.8.9

  • Xinetd 2.3.0

  • Xinetd 2.3.1


References

BID - 2971

REDHAT - RHSA-2001:092

CONECTIVA - CLA-2001:406

XF - xinetd-zero-length-bo(6804)

IMMUNIX - IMNX-2001-70-029-01


Last Updated: 27 May 2016 10:36:24