insecure socket file creation
Bug #44171 reported by
nodata
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
spread (Ubuntu) |
Fix Released
|
Low
|
Jérémie Corbier |
Bug Description
Binary package hint: spread
On start, spread creates a file /tmp/PORTNUMBER where PORTNUMBER is 4803 by default.
If an existing file named /tmp/PORTNUMBER exists, it will be deleted before a socket with the same name is created.
CVE References
To post a comment you must log in.
For the record: forwarded to upstream and to vendor-sec.