Vulnerability Description
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
CVSS Score
3.6
LOW
AV:L/AC:L/Au:N/C:P/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Xinetd | Xinetd | 2.1.8.8 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000404
- http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01
- http://www.debian.org/security/2001/dsa-063
- http://www.iss.net/security_center/static/6657.phpVendor Advisory
- http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-055.php3
- http://www.linuxsecurity.com/advisories/other_advisory-1469.htmlVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2001-075.html
- http://www.securityfocus.com/bid/2826
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000404
- http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01
- http://www.debian.org/security/2001/dsa-063
- http://www.iss.net/security_center/static/6657.phpVendor Advisory
- http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-055.php3
- http://www.linuxsecurity.com/advisories/other_advisory-1469.htmlVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2001-075.html
FAQ
What is CVE-2001-1322?
CVE-2001-1322 is a vulnerability with a CVSS score of 3.6 (LOW). xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe u...
How severe is CVE-2001-1322?
CVE-2001-1322 has been rated LOW with a CVSS base score of 3.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1322?
Check the references section above for vendor advisories and patch information. Affected products include: Xinetd Xinetd.