CVE-2001-1322

Sažetak

xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.

Reference

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000404
http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-024-01
http://www.debian.org/security/2001/dsa-063
http://www.iss.net/security_center/static/6657.php
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-055.php3
http://www.linuxsecurity.com/advisories/other_advisory-1469.html
http://www.redhat.com/support/errata/RHSA-2001-075.html
http://www.securityfocus.com/bid/2826

CVSS

Base:	3.6
Impact:	4.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

10-09-2008 - 19:10

Objavljeno

10-07-2001 - 04:00