Wind River Support Network

HomeDefectsLIN6-4938

Fixed

LIN6-4938 : Security Advisory - xinetd - CVE-2013-4342

Created: Oct 16, 2013 Updated: Dec 3, 2018

Resolved Date: Dec 9, 2013

Previous ID: LIN3-9316

Found In Version: 6.0

Fix Version: 6.0.0.1

Severity: Severe

Applicable for: Wind River Linux 6

Description

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342

Workaround

Unknown

Steps to Reproduce

Unknown

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38