xinetd Insecure Default Umask Vulnerability

info
discussion
exploit
solution
references

xinetd Insecure Default Umask Vulnerability

A vulnerability exists in the xinetd daemon.

The xinetd daemon runs with umask 0. As a result, files created by applications that use the xinetd umask without explicitly setting permissions will be world writable.