CVE-2001-1322 - Vulnerability Details

xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Linux
Xinetd	Xinetd

Configuration 1 [-]

OR	cpe:2.3:a:xinetd:xinetd:2.1.8.8:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.8_pre3:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre1:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre2:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre3:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre4:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre5:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre7:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre8:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre9:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre10:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre11:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre12:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre13:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre14:::::::*
	cpe:2.3:a:xinetd:xinetd:2.1.8.9_pre15:::::::*

Package	CPE	Advisory	Released Date
Red Hat Linux 7.0
	cpe:/o:redhat:linux:7.0	RHSA-2001:075	2001-06-07T00:00:00Z
Red Hat Linux 7.1
	cpe:/o:redhat:linux:7.1	RHSA-2001:075	2001-06-07T00:00:00Z

References

Link	Providers
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000404
http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01
http://www.debian.org/security/2001/dsa-063
http://www.iss.net/security_center/static/6657.php
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-055.php3
http://www.linuxsecurity.com/advisories/other_advisory-1469.html
http://www.redhat.com/support/errata/RHSA-2001-075.html
http://www.securityfocus.com/bid/2826
https://nvd.nist.gov/vuln/detail/CVE-2001-1322
https://www.cve.org/CVERecord?id=CVE-2001-1322

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-06-25T04:00:00

Updated: 2024-08-08T04:51:07.600Z

Reserved: 2002-05-01T00:00:00

Link: CVE-2001-1322

Vulnrichment

No data.

NVD

Status : Modified

Published: 2001-07-10T04:00:00.000

Modified: 2024-11-20T23:37:25.017

Link: CVE-2001-1322

Redhat

Severity :

Publid Date: 2001-06-11T00:00:00Z

Links: CVE-2001-1322 - Bugzilla

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object