Linux Distros Unpatched Vulnerability : CVE-2023-29483

🗓️ 05 Mar 2025 00:00:00Reported by TenableType

Linux host has packages vulnerable to CVE-2023-29483, with no vendor patches available.

Reporter	Title	Published	Views	Family All 146
IBM Security Bulletins	Security Bulletin: Vulnerability in Dnspython affects IBM Process Mining CVE-2023-29483	29 Mar 202410:39	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in python-dns affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products	19 Feb 202510:44	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in multiple components affect IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products	30 Jun 202513:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Concert Software is vulnerable to multiple issues	15 Apr 202503:14	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite uses dnspython-2.3.0-py3-none-any.whl which is vulnerable to CVE-2023-29483.	13 Sep 202407:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Fusion HCI Installer is vulnerable to arbitrary code execution, gaining of elevated privileges, obtaining sensitive information, and denial of service due to various Python packages	17 Dec 202418:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities	16 Apr 202521:01	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Dnspython denial of service vulnerability[ CVE-2023-29483]	5 Aug 202421:47	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Fusion and IBM Fusion HCI are vulnerable to retrieval of senstive informtion, arbitrary code execution, denial of service, and security restrictions bypass	17 Dec 202418:19	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Maximo Visual Inspection Component uses dnspython-2.3.0-py3-none-any.whl which is vulnerable to this CVE-2023-29483	11 Oct 202416:18	–	ibm

Source	Link
access	www.access.redhat.com/security/cve/cve-2023-29483
security-tracker	www.security-tracker.debian.org/tracker/CVE-2023-29483
ubuntu	www.ubuntu.com/security/CVE-2023-29483
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(226329);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/10/28");

  script_cve_id("CVE-2023-29483");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2023-29483");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS
    name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a
    TuDoor attack. In other words, dnspython does not have the preferred behavior in which the DNS name
    resolution algorithm would proceed, within the full time window, in order to wait for a valid packet.
    NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1. (CVE-2023-29483)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2023-29483");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-29483");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2023-29483");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:U/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-29483");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/04/04");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:8");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:dnspython");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python-dns");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:python3-dns");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:dnspython");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-dns");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-dns");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("set_linux_os_id.nasl", "ssh_get_info2.nasl");
  script_require_keys("Host/OS/identifier", "Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
  script_require_ports("Host/OS/CentOS Linux-8", "Host/OS/Debian Linux-11", "Host/OS/Debian Linux-12", "Host/OS/Red Hat Enterprise Linux-8", "Host/OS/Ubuntu Linux-14.04", "Host/OS/Ubuntu Linux-16.04", "Host/OS/Ubuntu Linux-18.04", "Host/OS/Ubuntu Linux-20.04", "Host/OS/Ubuntu Linux-22.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/CentOS/rpm-list")) && empty_or_null(get_one_kb_item("Host/Debian/dpkg-l")) && empty_or_null(get_one_kb_item("Host/RedHat/rpm-list"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-11": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "11",
        "pkgs": [
          {"reference": "python3-dnspython"}
        ]
      }
    ]
  },
  "Debian Linux-12": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "12",
        "pkgs": [
          {"reference": "python3-dnspython"}
        ]
      }
    ]
  },
  "Ubuntu Linux-22.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "22.04",
        "pkgs": [
          {"reference": "python3-dnspython"}
        ]
      }
    ]
  },
  "Ubuntu Linux-14.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "14.04",
        "pkgs": [
          {"reference": "python-dnspython"}
        ]
      }
    ]
  },
  "Ubuntu Linux-16.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "16.04",
        "pkgs": [
          {"reference": "python-dnspython"}
        ]
      }
    ]
  },
  "Ubuntu Linux-18.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "18.04",
        "pkgs": [
          {"reference": "python-dnspython"},
          {"reference": "python3-dnspython"}
        ]
      }
    ]
  },
  "Ubuntu Linux-20.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "20.04",
        "pkgs": [
          {"reference": "python-dnspython"},
          {"reference": "python3-dnspython"}
        ]
      }
    ]
  },
  "CentOS Linux-8": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "8",
        "pkgs": [
          {"reference": "python-dns"},
          {"reference": "python3-dns"}
        ]
      }
    ]
  },
  "Red Hat Enterprise Linux-8": {
    "package_manager": "rpm-list",
    "constraints": [
      {
        "release": "8",
        "pkgs": [
          {"reference": "python-dns"},
          {"reference": "python3-dns"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

28 Oct 2025 00:00Current

7High risk

Vulners AI Score7

CVSS 3.17

EPSS0.08388

SSVC