CVE-2023-29483

2024-04-1114:15:12

Debian Security Bug Tracker

security-tracker.debian.org

cve-2023-29483

eventlet

dnspython

remote attackers

dns name resolution

tudoor attack

ip address

source port

algorithm

time window

vulnerability

unix

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.1%

JSON

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a “TuDoor” attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1.

OSVersionArchitecturePackageVersionFilename
Debian12alldnspython<= 2.3.0-1dnspython_2.3.0-1_all.deb
Debian11alldnspython<= 2.0.0-1dnspython_2.0.0-1_all.deb
Debian10alldnspython<= 1.16.0-1+deb10u1dnspython_1.16.0-1+deb10u1_all.deb
Debian999alldnspython< 2.6.0-1dnspython_2.6.0-1_all.deb
Debian13alldnspython< 2.6.0-1dnspython_2.6.0-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	dnspython	<= 2.3.0-1	dnspython_2.3.0-1_all.deb
Debian	11	all	dnspython	<= 2.0.0-1	dnspython_2.0.0-1_all.deb
Debian	10	all	dnspython	<= 1.16.0-1+deb10u1	dnspython_1.16.0-1+deb10u1_all.deb
Debian	999	all	dnspython	< 2.6.0-1	dnspython_2.6.0-1_all.deb
Debian	13	all	dnspython	< 2.6.0-1	dnspython_2.6.0-1_all.deb