Home > Vulnerability Database > CVE-2010-3493

Mend.io Vulnerability Database

CVE-2010-3493

Good to know:

Date: October 19, 2010

Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.

Language: C

Severity Score

3.7

Related Resources (28)

Url: http://www.ubuntu.com/usn/USN-1613-1

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2010:215

Url: https://bugzilla.redhat.com/show_bug.cgi?id=632200

Url: http://www.openwall.com/lists/oss-security/2010/09/11/2

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2010:216

Url: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

Url: http://www.ubuntu.com/usn/USN-1613-2

Url: http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

Url: http://secunia.com/advisories/43068

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2010-3493

Url: http://www.vupen.com/english/advisories/2011/0212

Url: http://www.ubuntu.com/usn/USN-1596-1

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12210

Url: http://www.securityfocus.com/bid/44533

Url: http://svn.python.org/view?view=rev&revision=84289

Url: http://secunia.com/advisories/51040

Url: http://secunia.com/advisories/51024

Url: https://access.redhat.com/security/cve/CVE-2010-3493

Url: http://bugs.python.org/issue9129

Url: https://bugs.launchpad.net/zodb/+bug/135108

Url: http://www.openwall.com/lists/oss-security/2010/09/22/3

Url: http://www.openwall.com/lists/oss-security/2010/09/24/3

Url: http://bugs.python.org/issue6706

Url: http://secunia.com/advisories/50858

Url: http://svn.python.org/view/python/branches/py3k/Lib/smtpd.py?r1=84289&r2=84288&pathrev=84289

Url: http://www.openwall.com/lists/oss-security/2010/09/09/6

Url: https://nvd.nist.gov/vuln/detail/CVE-2010-3493

Url: https://www.mend.io/vulnerability-database/CVE-2010-3493

Severity Score

3.7

Weakness Type (CWE)

Race Conditions

CWE-362

Top Fix

Upgrade Version

Upgrade to version 2.6.7,2.7.1,3.2,3.1.3

Learn More

CVSS v3.1

Base Score:	3.7
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2010-3493

Good to know:

Date: October 19, 2010

Language: C

Severity Score

Related Resources (28)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?