CVE-2010-3492
7.2 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.038 Low
EPSS
Percentile
91.7%
The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.
| CPE | Name | Operator | Version |
|---|---|---|---|
| python:python | python | le | 2.7 |
| python:python | python | lt | 3.1.2 |
References
bugs.python.org/issue6706
www.mandriva.com/security/advisories?name=MDVSA-2010:215
www.mandriva.com/security/advisories?name=MDVSA-2010:216
www.openwall.com/lists/oss-security/2010/09/09/6
www.openwall.com/lists/oss-security/2010/09/11/2
www.openwall.com/lists/oss-security/2010/09/22/3
www.openwall.com/lists/oss-security/2010/09/24/3
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111
Related
7.2 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.038 Low
EPSS
Percentile
91.7%