CVE-2010-3492

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 77%
VendorProductVersion
pythonpython
𝑥
≤ 2.7
pythonpython
3.0 ≤
𝑥
< 3.1.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
python2.7
bullseye
2.7.18-8+deb11u1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
python2.6
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
karmic
dne
jaunty
dne
hardy
dne
dapper
dne
python2.7
oneiric
not-affected
natty
not-affected
maverick
ignored
lucid
dne
karmic
dne
jaunty
dne
hardy
dne
dapper
dne
python3.1
oneiric
dne
natty
not-affected
maverick
ignored
lucid
ignored
karmic
ignored
jaunty
dne
hardy
dne
dapper
dne
python3.2
oneiric
not-affected
natty
not-affected
maverick
dne
lucid
dne
karmic
dne
jaunty
dne
hardy
dne
dapper
dne
References
http://bugs.python.org/issue6706
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
http://www.openwall.com/lists/oss-security/2010/09/09/6
http://www.openwall.com/lists/oss-security/2010/09/11/2
http://www.openwall.com/lists/oss-security/2010/09/22/3
http://www.openwall.com/lists/oss-security/2010/09/24/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111
http://bugs.python.org/issue6706
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
http://www.openwall.com/lists/oss-security/2010/09/09/6
http://www.openwall.com/lists/oss-security/2010/09/11/2
http://www.openwall.com/lists/oss-security/2010/09/22/3
http://www.openwall.com/lists/oss-security/2010/09/24/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111