spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary file before use, which could cause conflicts with other programs that use the same filename, but this is not a distinct issue.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Spread | Canonical | * | * |
| Spread | Ubuntu | dapper | * |
| Spread | Ubuntu | devel | * |
| Spread | Ubuntu | edgy | * |
| Spread | Ubuntu | feisty | * |
| Spread | Ubuntu | gutsy | * |
| Spread | Ubuntu | hardy | * |
| Spread | Ubuntu | intrepid | * |
| Spread | Ubuntu | jaunty | * |
| Spread | Ubuntu | karmic | * |
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375617
- http://www.securityfocus.com/bid/18675
- https://launchpad.net/distros/ubuntu/+source/spread/+bug/44171
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375617
- http://www.securityfocus.com/bid/18675
- https://launchpad.net/distros/ubuntu/+source/spread/+bug/44171