Lucene search

K

[email protected]NVD:CVE-2010-3492

HistoryOct 19, 2010 - 8:00 p.m.

CVE-2010-3492

2010-10-1920:00:04

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.038 Low

EPSS

Percentile

91.9%

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.

Affected configurations

NVD

Node

pythonpythonRange≤2.7

OR

pythonpythonRange3.0–3.1.2

References

bugs.python.org/issue6706

www.mandriva.com/security/advisories?name=MDVSA-2010:215

www.mandriva.com/security/advisories?name=MDVSA-2010:216

www.openwall.com/lists/oss-security/2010/09/09/6

www.openwall.com/lists/oss-security/2010/09/11/2

www.openwall.com/lists/oss-security/2010/09/22/3

www.openwall.com/lists/oss-security/2010/09/24/3

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.3 Medium

AI Score

Confidence

Low

0.038 Low

EPSS

Percentile

91.9%

Related for NVD:CVE-2010-3492

cvelist4 prion4 f51 debiancve3 ubuntucve3 cve4 securityvulns2 osv3 nvd3 openvas5 nessus4 github2 veracode1 gentoo1 ibm1