CVE-2010-3493: Race Condition
First published: Thu Sep 09 2010(Updated: )
A race condition was found in the way Python's SMTP proxy module (smtpd.py) processed retrieving of remote IP address the socket was connected to (the other end could close the connection sooner before the requester could get the peername). A remote, unauthenticated user could use this flaw to cause the running python SMTP instance to terminate with uncaught exception by issuing sequence of connection requests within short time interval. References: [1] <a href="http://bugs.python.org/issue9129">http://bugs.python.org/issue9129</a> Upstream patch: [2] <a href="http://svn.python.org/view?view=rev&revision=84289">http://svn.python.org/view?view=rev&revision=84289</a>
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Python Python | =3.1 | |
| Python Python | =3.2-alpha | |
| debian/python2.5 | ||
| debian/python2.6 | ||
| debian/python3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://svn.python.org/view/python/branches/py3k/Lib/smtpd.py?r1=84289&r2=84288&pathrev=84289
- http://www.openwall.com/lists/oss-security/2010/09/24/3
- http://www.openwall.com/lists/oss-security/2010/09/11/2
- http://www.openwall.com/lists/oss-security/2010/09/22/3
- https://bugzilla.redhat.com/show_bug.cgi?id=632200
- http://bugs.python.org/issue9129
- http://svn.python.org/view?view=rev&revision=84289
- https://bugs.launchpad.net/zodb/+bug/135108
- http://www.openwall.com/lists/oss-security/2010/09/09/6
- http://bugs.python.org/issue6706
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
- http://www.securityfocus.com/bid/44533
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
- http://www.vupen.com/english/advisories/2011/0212
- http://secunia.com/advisories/43068
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
- http://www.ubuntu.com/usn/USN-1596-1
- http://www.ubuntu.com/usn/USN-1613-2
- http://www.ubuntu.com/usn/USN-1613-1
- http://secunia.com/advisories/51040
- http://secunia.com/advisories/50858
- http://secunia.com/advisories/51024
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12210
- http://svn.python.org/view/python/branches/py3k/Lib/smtpd.py?r1=84289&r2=84288&pathrev=84289
- http://svn.python.org/view?view=rev&revision=84289
- https://launchpad.net/bugs/cve/CVE-2010-3493
- http://svn.python.org/view?rev=87123&view=rev
- https://rhn.redhat.com/errata/RHSA-2011-0492.html
- https://rhn.redhat.com/errata/RHSA-2011-0491.html
- https://rhn.redhat.com/errata/RHSA-2011-0554.html
- https://security-tracker.debian.org/tracker/CVE-2010-3493
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493
- https://nvd.nist.gov/vuln/detail/CVE-2010-3493
- https://ubuntu.com/security/CVE-2010-3493
Frequently Asked Questions
What is CVE-2010-3493?
CVE-2010-3493 is a vulnerability in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha that allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None.
What is the severity of CVE-2010-3493?
CVE-2010-3493 has a severity rating of medium with a CVSS score of 4.3.
How does CVE-2010-3493 affect Python 2.6 and 2.7?
CVE-2010-3493 affects Python 2.6 and 2.7 by allowing remote attackers to cause a denial of service by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None.
How does CVE-2010-3493 affect Python 3.1 and 3.2 alpha?
CVE-2010-3493 affects Python 3.1 and 3.2 alpha by allowing remote attackers to cause a denial of service by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None.
What is the solution for CVE-2010-3493?
The solution for CVE-2010-3493 is to update to a patched version of Python or apply the appropriate patch provided by the vendor.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2010-3493
- agent/softwarecombine
- agent/author
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- collector/nvd-cve
- source/NVD
- agent/remedy
- agent/severity
- agent/description
- agent/event
- agent/references
- agent/weakness
- agent/tags
- collector/usn-cve
- source/Ubuntu
- vendor/python
- canonical/python python
- version/python python/3.1
- version/python python/3.2-alpha
- package-manager/debian