Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1322

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2001-1322
Last Modified 10 Sep 2008 03:10:15
Published 10 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1322

Summary

xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.

Vulnerable Systems

Application

  • Xinetd 2.1.8.8

  • Xinetd 2.1.8.8 Pre3

  • Xinetd 2.1.8.9 Pre1

  • Xinetd 2.1.8.9 Pre10

  • Xinetd 2.1.8.9 Pre11

  • Xinetd 2.1.8.9 Pre12

  • Xinetd 2.1.8.9 Pre13

  • Xinetd 2.1.8.9 Pre14

  • Xinetd 2.1.8.9 Pre15

  • Xinetd 2.1.8.9 Pre2

  • Xinetd 2.1.8.9 Pre3

  • Xinetd 2.1.8.9 Pre4

  • Xinetd 2.1.8.9 Pre5

  • Xinetd 2.1.8.9 Pre7

  • Xinetd 2.1.8.9 Pre8

  • Xinetd 2.1.8.9 Pre9


References

ENGARDE - ESA-20010621-01

XF - xinetd-insecure-permissions(6657)

BID - 2826

REDHAT - RHSA-2001:075

MANDRAKE - MDKSA-2001:055

DEBIAN - DSA-063

IMMUNIX - IMNX-2001-70-024-01

CONECTIVA - CLA-2001:404


Last Updated: 27 May 2016 10:36:37