Lucene search

PRIOn knowledge basePRION:CVE-2010-3495

HistoryOct 19, 2010 - 8:00 p.m.

Race condition

2010-10-1920:00:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.038 Low

EPSS

Percentile

91.6%

JSON

Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) before 3.10.0 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492.

CPENameOperatorVersion
zodbeq3.9.0
zodbeq3.8.2
zodbeq3.2
zodbeq3.9.0-b5
zodbeq2.11.4
zodbeq2.9.11
zodbeq3.8.0
zodbeq3.5
zodbeq3.4
zodbeq3.1.1

Name	Operator	Version
zodb	eq	3.9.0
zodb	eq	3.8.2
zodb	eq	3.2
zodb	eq	3.9.0-b5
zodb	eq	2.11.4
zodb	eq	2.9.11
zodb	eq	3.8.0
zodb	eq	3.5
zodb	eq	3.4
zodb	eq	3.1.1

Rows per page:

1-10 of 281

References

bugs.python.org/issue6706

lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

secunia.com/advisories/41755

www.openwall.com/lists/oss-security/2010/09/09/6

www.openwall.com/lists/oss-security/2010/09/11/2

www.openwall.com/lists/oss-security/2010/09/22/3

www.openwall.com/lists/oss-security/2010/09/24/3

bugs.launchpad.net/zodb/+bug/135108

pypi.python.org/pypi/ZODB3/3.10.0

6.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.038 Low

EPSS

Percentile

91.6%

JSON

Related for PRION:CVE-2010-3495