5

CVE-2010-3492

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PythonPython Version <= 2.7
PythonPython Version >= 3.0 < 3.1.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.63% 0.881
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
Third Party Advisory
http://bugs.python.org/issue6706
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2010/09/09/6
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2010/09/11/2
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2010/09/22/3
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2010/09/24/3
Third Party Advisory
Mailing List
http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111
Third Party Advisory