Candidate: CVE-2012-0862 PublicDate: 2012-06-04 20:55:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0862 http://www.openwall.com/lists/oss-security/2012/05/09/5 Description: builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1. Ubuntu-Description: Notes: Bugs: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672381 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0862 https://bugs.launchpad.net/bugs/1016505 Priority: low Discovered-by: Thomas Swan Assigned-to: CVSS: Patches_xinetd: upstream_xinetd: released (2.3.15,1:2.3.14-7.1) hardy_xinetd: ignored (reached end-of-life) lucid_xinetd: ignored (reached end-of-life) natty_xinetd: ignored (reached end-of-life) oneiric_xinetd: ignored (reached end-of-life) precise_xinetd: ignored (reached end-of-life) precise/esm_xinetd: ignored (end of ESM support, was needed) quantal_xinetd: not-affected (1:2.3.14-7.1ubuntu1) raring_xinetd: not-affected (1:2.3.14-7.1ubuntu1) saucy_xinetd: not-affected (1:2.3.15-1ubuntu1) trusty_xinetd: not-affected (1:2.3.15-1ubuntu1) trusty/esm_xinetd: not-affected (1:2.3.15-1ubuntu1) utopic_xinetd: not-affected (1:2.3.15-1ubuntu1) vivid_xinetd: not-affected (1:2.3.15-1ubuntu1) vivid/stable-phone-overlay_xinetd: DNE vivid/ubuntu-core_xinetd: DNE wily_xinetd: not-affected (1:2.3.15-1ubuntu1) xenial_xinetd: not-affected (1:2.3.15-1ubuntu1) esm-infra/xenial_xinetd: not-affected (1:2.3.15-1ubuntu1) yakkety_xinetd: not-affected (1:2.3.15-1ubuntu1) zesty_xinetd: not-affected (1:2.3.15-1ubuntu1) artful_xinetd: not-affected (1:2.3.15-1ubuntu1) bionic_xinetd: not-affected (1:2.3.15-1ubuntu1) cosmic_xinetd: not-affected (1:2.3.15-1ubuntu1) disco_xinetd: not-affected (1:2.3.15-1ubuntu1) eoan_xinetd: not-affected (1:2.3.15-1ubuntu1) focal_xinetd: not-affected (1:2.3.15-1ubuntu1) groovy_xinetd: not-affected (1:2.3.15-1ubuntu1) hirsute_xinetd: not-affected (1:2.3.15-1ubuntu1) devel_xinetd: not-affected (1:2.3.15-1ubuntu1)