PT-2001-1073 · Xinetd · Xinetd
Published: 2001-06-04 · Updated: 2008-09-10 · CVE-2001-1322
CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
xinetd versions 2.1.8 and earlier
Description
The issue concerns multiple vulnerabilities in the xinetd package, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. A key aspect of this issue is that xinetd runs with a default umask of 0, potentially allowing local users to read or modify files created by applications running under xinetd that do not set their own safe umask.
Recommendations
For xinetd versions 2.1.8 and earlier, consider setting a safe umask for applications running under xinetd to prevent unauthorized access to files.
As a temporary workaround, restrict access to sensitive files and directories that may be affected by the default umask setting until a patch or update is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
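The first recommendation above, shown as an added example that is not part of the original advisory: a POSIX shell wrapper that tightens a permissive inherited umask before starting a service, with a check of the file modes that result. The function names and the 077 fallback mask are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example, not from the advisory. All function names are hypothetical.

# Print the 10-character permission string of a path (portable, no GNU stat).
perms_of() {
    ls -ld "$1" | cut -c1-10
}

# Create a file the way a service that never calls umask() would (requested
# mode 0666) under the given umask, and report the mode it ends up with.
perms_created_under() {
    d=$(mktemp -d) || return 1
    ( umask "$1"; : > "$d/service.out" )   # subshell: caller's umask untouched
    perms_of "$d/service.out"
    rm -rf "$d"
}

# True if the current umask already strips group and other write bits (022).
umask_is_safe() {
    m=$(umask)
    [ $(( 0$m & 022 )) -eq 18 ]            # 18 decimal == 022 octal
}

# Wrapper placed in front of the real server: if the inherited umask is
# permissive (for example 0 from the super-server), set 077, then run the
# command. In a standalone wrapper script the last step would be: exec "$@"
with_safe_umask() {
    (
        umask_is_safe || umask 077
        "$@"
    )
}

# Constructed demonstration: the same create call under the two masks.
echo "inherited umask 000 -> $(perms_created_under 000)"
echo "umask 077           -> $(perms_created_under 077)"
```

A mask that is already restrictive, such as 027, is left unchanged by the wrapper, so services with stricter local policy keep it.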
Related Identifiers
Affected Products
Xinetd