CVE-2024-34083

aiosmptd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a man-in-the-middle...

CVE-2024-34083 STARTTLS unencrypted commands injection

aiosmptd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a man-in-the-middle...

CVE-2024-34083 STARTTLS unencrypted commands injection

aiosmptd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a man-in-the-middle...

Denial Of Service (DoS)

Python is vulnerable to Denial of Service DoS. The attack is possible because of multiple race conditions in smtpd.py in the smtpd module, allowing a remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept...

SuSE 11.1 Security Update : Python (SAT Patch Number 3493)

The following issues have been fixed : - a race condition in the accept implementation of smtpd.py could lead to a denial of service. CVE-2010-3493 - integer overflows and insufficient size checks could crash the audioop module. CVE-2010-2089 / CVE-2010-1634 %NASLMINLEVEL 70300 C Tenable Network...

SuSE 10 Security Update : Python (ZYPP Patch Number 7314)

With this update of Python : - a race condition in the accept implementation of smtpd.py could lead to a denial of service. CVE-2010-3493 - integer overflows and insufficient size checks could crash the audioop and rgbimg modules. CVE-2010-2089 / CVE-2010-1634 / CVE-2009-4134 / CVE-2010-1449 /...

Mandriva Update for python MDVSA-2010:215 (python)

Check for the Version of python OpenVAS Vulnerability Test Mandriva Update for python MDVSA-2010:215 python Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Mandriva Linux Security Advisory : python (MDVSA-2010:216)

Multiple vulnerabilities was discovered and corrected in python : The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the...

CVE-2010-3493

Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service daemon outage by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None...