Debian Xinetd vulnerabilities

CVE-2013-4342 [HIGH] CVE-2013-4342: xinetd - xinetd does not enforce the user and group configuration directives for TCPMUX s... xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service. Scope: local bookworm: resolved (fixed in 1:2.3.15-2) bullseye: resolved (fixed in 1:2.3.15-2) forky: resolved (fixed in 1:2.3

CVE-2012-0862 [MEDIUM] CVE-2012-0862: xinetd - builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpm... builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1. Scope: local bookworm: resolved (fixed in 1:2.3.14-7.1) bullseye: resolved (fixed in 1:2.3.14-7.1) forky: resolved (fixed in

CVE-2003-0211 [MEDIUM] CVE-2003-0211: xinetd - Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of servic... Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections. Scope: local bookworm: resolved (fixed in 1:2.3.11) bullseye: resolved (fixed in 1:2.3.11) forky: resolved (fixed in 1:2.3.11) sid: resolved (fixed in 1:2.3.11) trixie: resolved (fixed in 1:2.3.11)

CVE-2002-0871 [LOW] CVE-2002-0871: xinetd - xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are lau... xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe. Scope: local bookworm: resolved (fixed in 1:2.3.7-1) bullseye: resolved (fixed in 1:2.3.7-1) forky: resolved (fixed in 1:2.3.7-1) sid: resolved (fixed in 1:2.3.7-1) trixie: resolved (fixed in 1:2.3.7