builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
CVSS Score
4.3
EPSS Score
0.005
Published
2012-06-04
Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.
CVSS Score
5.0
EPSS Score
0.093
Published
2003-05-05