Lucene search

[email protected]CVE-2010-3492

HistoryOct 19, 2010 - 8:00 p.m.

CVE-2010-3492

2010-10-1920:00:04

[email protected]

web.nvd.nist.gov

817

python

asyncore

denial of service

nvd

cve-2010-3492

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.3 High

AI Score

Confidence

High

0.038 Low

EPSS

Percentile

91.9%

JSON

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.

Affected configurations

NVD

Node

pythonpythonRange≤2.7

pythonpythonRange3.0–3.1.2

CPENameOperatorVersion
python:pythonpythonle2.7
python:pythonpythonlt3.1.2

CPE	Name	Operator	Version
python:python	python	le	2.7
python:python	python	lt	3.1.2

References

bugs.python.org/issue6706

www.mandriva.com/security/advisories?name=MDVSA-2010:215

www.mandriva.com/security/advisories?name=MDVSA-2010:216

www.openwall.com/lists/oss-security/2010/09/09/6

www.openwall.com/lists/oss-security/2010/09/11/2

www.openwall.com/lists/oss-security/2010/09/22/3

www.openwall.com/lists/oss-security/2010/09/24/3

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.3 High

AI Score

Confidence

High

0.038 Low

EPSS

Percentile

91.9%

JSON

Related for CVE-2010-3492

cvelist4 prion4 debiancve3 f51 ubuntucve3 nvd4 securityvulns2 osv3 cve3 nessus4 github2 veracode1 openvas5 gentoo1 ibm1