CVE-2010-3492

Published: 10/19/2010 Last updated: 8/7/2024 Reserved: 9/24/2010

The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (7)

conf-python-2-7 conf-python-2-7-dev conf-python-3 conf-python-3-7 conf-python-3-dev py termbox

Products affected (1)

Product	Vendor	Version
n/a	n/a	All versions >= V5.0.0 < V5.0.2

References (16)

http://www.openwall.com/lists/oss-security/2010/09/11/2
http://bugs.python.org/issue6706
http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:12111
http://www.openwall.com/lists/oss-security/2010/09/24/3
http://www.openwall.com/lists/oss-security/2010/09/22/3
http://www.openwall.com/lists/oss-security/2010/09/09/6
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
http://www.openwall.com/lists/oss-security/2010/09/11/2
http://bugs.python.org/issue6706
http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
https://oval.cisecurity.org/repository/search/definition/oval:org.mitre.oval:def:12111
http://www.openwall.com/lists/oss-security/2010/09/24/3
http://www.openwall.com/lists/oss-security/2010/09/22/3
http://www.openwall.com/lists/oss-security/2010/09/09/6
http://www.mandriva.com/security/advisories?name=MDVSA-2010:215