Potential DoS via the Tudoor mechanism in eventlet and dnspython

2024-04-1115:30:48

Google

osv.dev

dos attack

tudoor mechanism

eventlet

dnspython

dns name resolution

remote attackers

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.1%

JSON

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a “TuDoor” attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1.

CPENameOperatorVersion
dnspythoneq1.3.2
dnspythoneq2.6.0rc1
eventleteq0.23.0
eventleteq0.13.0
eventleteq0.20.1
dnspythoneq1.3.0
eventleteq0.26.0
eventleteq0.17.4
dnspythoneq2.0.0
eventleteq0.22.1

Name	Operator	Version
dnspython	eq	1.3.2
dnspython	eq	2.6.0rc1
eventlet	eq	0.23.0
eventlet	eq	0.13.0
eventlet	eq	0.20.1
dnspython	eq	1.3.0
eventlet	eq	0.26.0
eventlet	eq	0.17.4
dnspython	eq	2.0.0
eventlet	eq	0.22.1