Home > Vulnerability Database > CVE-2010-3493

Mend.io Vulnerability Database

CVE-2010-3493

Date: October 19, 2010

Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.

Language: C

Severity Score

3.7

Related Resources (29)

Url: http://www.ubuntu.com/usn/USN-1613-1

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2010:215

Url: https://bugzilla.redhat.com/show_bug.cgi?id=632200

Url: http://www.openwall.com/lists/oss-security/2010/09/11/2

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2010:216

Url: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Url: http://www.ubuntu.com/usn/USN-1613-2

Url: http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

Url: http://secunia.com/advisories/43068

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3493

Url: http://www.vupen.com/english/advisories/2011/0212

Url: http://www.ubuntu.com/usn/USN-1596-1

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12210

Url: http://www.securityfocus.com/bid/44533

Url: http://svn.python.org/view?view=rev&revision=84289

Url: http://secunia.com/advisories/51040

Url: http://secunia.com/advisories/51024

Url: https://access.redhat.com/security/cve/CVE-2010-3493

Url: http://bugs.python.org/issue9129

Url: https://bugs.launchpad.net/zodb/+bug/135108

Url: http://www.openwall.com/lists/oss-security/2010/09/22/3

Url: http://www.openwall.com/lists/oss-security/2010/09/24/3

Url: http://bugs.python.org/issue6706

Url: http://secunia.com/advisories/50858

Url: https://bugs.python.org/issue6706

Url: http://svn.python.org/view/python/branches/py3k/Lib/smtpd.py?r1=84289&r2=84288&pathrev=84289

Url: http://www.openwall.com/lists/oss-security/2010/09/09/6

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-3493

Url: https://www.mend.io/vulnerability-database/CVE-2010-3493

Severity Score

3.7

Weakness Type (CWE)

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-362

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2010-3493

Date: October 19, 2010

Language: C

Severity Score

Related Resources (29)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?