Lucene search

[email protected]CVE-2010-3492

HistoryOct 19, 2010 - 8:00 p.m.

CVE-2010-3492

2010-10-1920:00:04

[email protected]

web.nvd.nist.gov

817

python

asyncore

denial of service

nvd

cve-2010-3492

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.3

Confidence

High

EPSS

0.038

Percentile

91.9%

JSON

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.

Affected configurations

NVD

Node

pythonpythonRange≤2.7

pythonpythonRange3.0–3.1.2

VendorProductVersionCPE
pythonpythoncpe:/a:python:python::::

Vendor	Product	Version	CPE
python	python		cpe:/a:python:python::::

References

bugs.python.org/issue6706

www.mandriva.com/security/advisories?name=MDVSA-2010:215

www.mandriva.com/security/advisories?name=MDVSA-2010:216

www.openwall.com/lists/oss-security/2010/09/09/6

www.openwall.com/lists/oss-security/2010/09/11/2

www.openwall.com/lists/oss-security/2010/09/22/3

www.openwall.com/lists/oss-security/2010/09/24/3

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

7.3

Confidence

High

EPSS

0.038

Percentile

91.9%

JSON

Related for CVE-2010-3492

cvelist4 prion4 ubuntucve3 debiancve3 f51 nvd4 securityvulns2 osv3 cve3 nessus4 openvas5 github2 veracode1 gentoo1 ibm1