CVE-2010-3493
Python 2.6, 2.7, 3.1, 3.2 alpha - Denial of Service via Race Condition in smtpd.py
Title source: llmDescription
Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.
References (24)
Core 24
Core References
Patch x_refsource_confirm
http://svn.python.org/view/python/branches/py3k/Lib/smtpd.py?r1=84289&r2=84288&pathrev=84289
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/11/2
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=632200
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43068
Issue Tracking x_refsource_misc
https://bugs.launchpad.net/zodb/+bug/135108
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0212
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/51040
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12210
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/50858
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
Patch, Vendor Advisory x_refsource_confirm
http://bugs.python.org/issue9129
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/44533
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/24/3
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1596-1
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/22/3
Patch, Vendor Advisory x_refsource_misc
http://bugs.python.org/issue6706
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/09/6
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1613-2
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
Various Sources x_refsource_confirm
http://svn.python.org/view?view=rev&revision=84289
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/51024
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1613-1
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
Scores
EPSS
0.0192
EPSS Percentile
83.6%
Details
CWE
CWE-362
Status
published
Products (2)
python/python
3.1
python/python
3.2 alpha
Published
Oct 19, 2010
Tracked Since
Feb 18, 2026