Vulnerabilities > CVE-2006-3118 - Denial Of Service vulnerability in Spread Insecure Socket File Creation
Attack vector
LOCAL Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary file before use, which could cause conflicts with other programs that use the same filename, but this is not a distinct issue.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |