AZL-35352

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-35352.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-35352

Upstream

CVE-2013-4342

Published

2013-10-10T00:55:14Z

Modified

2026-04-21T04:24:42.419414Z

Summary

CVE-2013-4342 affecting package xinetd for versions less than 2.3.15-14

Details

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.

References

https://nvd.nist.gov/vuln/detail/CVE-2013-4342

Affected packages

Azure Linux:3 / xinetd

Package

Name: xinetd
Purl: pkg:rpm/azure-linux/xinetd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3.15-14

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-35352.json"