{
  "id": "CVE-2006-3118",
  "sourceIdentifier": "security@debian.org",
  "published": "2006-06-30T19:05:00.000",
  "lastModified": "2024-11-21T00:12:51.570",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls.  NOTE: spread deletes this temporary file before use, which could cause conflicts with other programs that use the same filename, but this is not a distinct issue."
    },
    {
      "lang": "es",
      "value": "spread utiliza un archivo temporal con un nombre de archivo est\u00e1tico basado en el n\u00famero de puerto, lo que permite a los usuarios locales causar una denegaci\u00f3n de servicio, creando un archivo durante una condici\u00f3n de carrera entre llamadas a funciones \"unlink\" y \"blind\" NOTA: spread borra estos archivos temporales antes de su uso, lo que podr\u00eda causar conflictos con otros programas que usan el mismo nombre de archivo, pero esto no es un asunto distinto."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
          "baseScore": 1.2,
          "accessVector": "LOCAL",
          "accessComplexity": "HIGH",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "LOW",
        "exploitabilityScore": 1.9,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:canonical:spread:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBAC592F-0E73-44CA-AF3A-F351E30B7A4A"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375617",
      "source": "security@debian.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/18675",
      "source": "security@debian.org"
    },
    {
      "url": "https://launchpad.net/distros/ubuntu/+source/spread/+bug/44171",
      "source": "security@debian.org"
    },
    {
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375617",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.securityfocus.com/bid/18675",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "https://launchpad.net/distros/ubuntu/+source/spread/+bug/44171",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}