Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-3493
HistoryOct 19, 2010 - 12:00 a.m.

CVE-2010-3493

2010-10-1900:00:00
ubuntu.com
ubuntu.com
11

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.115 Low

EPSS

Percentile

95.3%

Multiple race conditions in smtpd.py in the smtpd module in Python 2.6,
2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service
(daemon outage) by establishing and then immediately closing a TCP
connection, leading to the accept function having an unexpected return
value of None, an unexpected value of None for the address, or an
ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function
having an ENOTCONN error, a related issue to CVE-2010-3492.

Bugs

Notes

Author Note
jdstrand python3.1 on Ubuntu 10.10 has additional patches on top of 3.1.2, including a fix for this issue
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchpython2.4< 2.4.5-1ubuntu4.4UNKNOWN
ubuntu8.04noarchpython2.5< 2.5.2-2ubuntu6.2UNKNOWN
ubuntu10.04noarchpython2.6< 2.6.5-1ubuntu6.1UNKNOWN
ubuntu10.04noarchpython3.1< 3.1.2-0ubuntu3.1UNKNOWN

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.115 Low

EPSS

Percentile

95.3%