CVE-2010-3492

EUVD-2010-3490
The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
Affected Products (NVD)
VendorProductVersion
pythonpython
𝑥
≤ 2.7
pythonpython
3.0 ≤
𝑥
< 3.1.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
python2.7
bullseye
2.7.18-8+deb11u1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
python2.6
dapper
dne
hardy
dne
jaunty
dne
karmic
dne
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
python2.7
dapper
dne
hardy
dne
jaunty
dne
karmic
dne
lucid
dne
maverick
ignored
natty
not-affected
oneiric
not-affected
python3.1
dapper
dne
hardy
dne
jaunty
dne
karmic
ignored
lucid
ignored
maverick
ignored
natty
not-affected
oneiric
dne
python3.2
dapper
dne
hardy
dne
jaunty
dne
karmic
dne
lucid
dne
maverick
dne
natty
not-affected
oneiric
not-affected
References
http://bugs.python.org/issue6706
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
http://www.openwall.com/lists/oss-security/2010/09/09/6
http://www.openwall.com/lists/oss-security/2010/09/11/2
http://www.openwall.com/lists/oss-security/2010/09/22/3
http://www.openwall.com/lists/oss-security/2010/09/24/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111
http://bugs.python.org/issue6706
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
http://www.openwall.com/lists/oss-security/2010/09/09/6
http://www.openwall.com/lists/oss-security/2010/09/11/2
http://www.openwall.com/lists/oss-security/2010/09/22/3
http://www.openwall.com/lists/oss-security/2010/09/24/3
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111