Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0211Missing Release of Memory after Effective Lifetime in Xinetd

7 documents7 sources
Severity
5.0MEDIUMNVD
EPSS
9.3%
top 7.25%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
XinetdDebian Xinetd
Timeline
PublishedMay 5
Latest updateApr 29

Description

Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

debiandebian/xinetd< xinetd 1:2.3.11 (bookworm)
Debianxinetd/xinetd< 1:2.3.11+3
NVDxinetd/xinetd11 versions+10

🔴Vulnerability Details

2
GHSA
GHSA-j4xh-x4qx-86fr: Memory leak in xinetd 22022-04-29
OSV
CVE-2003-0211: Memory leak in xinetd 22003-05-05

💥Exploits & PoCs

1
Exploit-DB
Xinetd 2.1.x/2.3.x - Rejected Connection Memory Leakage Denial of Service2003-04-18

📋Vendor Advisories

2
Red Hat
security flaw2003-04-18
Debian
CVE-2003-0211: xinetd - Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of servic...2003

💬Community

1
Bugzilla
CVE-2003-0211 security flaw2018-08-16
CVE-2003-0211 — Debian Xinetd vulnerability | cvebase