CVE-2006-3118

Sažetak

spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary file before use, which could cause conflicts with other programs that use the same filename, but this is not a distinct issue.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375617
http://www.securityfocus.com/bid/18675
https://launchpad.net/distros/ubuntu/+source/spread/+bug/44171

CVSS

Base:	1.2
Impact:	2.9
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:L/AC:H/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

05-09-2008 - 21:06

Objavljeno

30-06-2006 - 19:05