CVE-2012-0862

{"id": "CVE-2012-0862", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-06-04T20:55:02.447", "references": [{"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081428.html", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081446.html", "source": "secalert@redhat.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1302.html", "source": "secalert@redhat.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:155", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/05/09/5", "source": "secalert@redhat.com"}, {"url": "http://www.openwall.com/lists/oss-security/2012/05/10/2", "source": "secalert@redhat.com"}, {"url": "http://www.osvdb.org/81774", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/53720", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1027050", "source": "secalert@redhat.com"}, {"url": "http://www.xinetd.org/#changes", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/attachment.cgi?id=583311", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790940", "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75965", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1."}, {"lang": "es", "value": "builtins.c de Xinetd en versiones anteriores a la 2.3.15 no comprueba el tipo de servicio cuando el servicio tcpmux-server est\u00e1 habilitado, lo que expone todos los servicios habilitados y permite a atacantes remotos evitar las restricciones de acceso previstas a trav\u00e9s de una petici\u00f3n a tcpmux puerto 1."}], "lastModified": "2017-08-29T01:31:04.727", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xinetd:xinetd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5133E5DD-16A3-482A-A72E-0703F314C5E2", "versionEndIncluding": "2.3.14"}, {"criteria": "cpe:2.3:a:xinetd:xinetd:2.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82CB46D4-DF79-4464-8264-D65D0DA784E9"}, {"criteria": "cpe:2.3:a:xinetd:xinetd:2.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A45BAD0A-2620-4AC2-9774-41D1D6F61F57"}, {"criteria": "cpe:2.3:a:xinetd:xinetd:2.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B48B3E9-43F9-4F83-A7DE-2FDAA10A2DB3"}, {"criteria": "cpe:2.3:a:xinetd:xinetd:2.3.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D8A6F25-6188-4A27-BAC8-38033A275BBA"}, {"criteria": "cpe:2.3:a:xinetd:xinetd:2.3.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0E3C40F-C4BB-4518-B839-5A4FB1614679"}, {"criteria": "cpe:2.3:a:xinetd:xinetd:2.3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A64D3005-CC91-4517-A4B0-4B1004163900"}, {"criteria": "cpe:2.3:a:xinetd:xinetd:2.3.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6106B0C-7729-4AE8-821E-04A66638217F"}, {"criteria": "cpe:2.3:a:xinetd:xinetd:2.3.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBFD5892-FC9A-4909-B5BD-8769F792DD03"}, {"criteria": "cpe:2.3:a:xinetd:xinetd:2.3.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E3C6E61-F904-4711-B957-7EC6932A93ED"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}