CVE-2006-3118
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/06/2006
Last modified:
03/04/2025
Description
spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary file before use, which could cause conflicts with other programs that use the same filename, but this is not a distinct issue.
Impact
Base Score 2.0
1.20
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:canonical:spread:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375617
- http://www.securityfocus.com/bid/18675
- https://launchpad.net/distros/ubuntu/+source/spread/+bug/44171
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375617
- http://www.securityfocus.com/bid/18675
- https://launchpad.net/distros/ubuntu/+source/spread/+bug/44171