Vulnerabilities > CVE-2006-3118 - Denial Of Service vulnerability in Spread Insecure Socket File Creation

047910
CVSS 1.2 - LOW
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
local
high complexity
canonical

Summary

spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary file before use, which could cause conflicts with other programs that use the same filename, but this is not a distinct issue.

Vulnerable Configurations

Part Description Count
Application
Canonical
1