builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
CVSS Score
4.3
EPSS Score
0.005
Published
2012-06-04
Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.
CVSS Score
5.0
EPSS Score
0.093
Published
2003-05-05
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-09-05