Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24487
HistoryApr 10, 2020 - 12:55 a.m.

Denial Of Service (DoS)

2020-04-1000:55:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12

0.115 Low

EPSS

Percentile

95.3%

Python is vulnerable to Denial of Service (DoS). The attack is possible because of multiple race conditions in smtpd.py in the smtpd module, allowing a remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.

References