PT-2010-4861 · Python+1

Jan Lieskovsky · Published 2010-10-19 · Updated 2019-10-25 · CVE-2010-3493

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Python versions 2.6 through 3.2 alpha

Description

The issue is related to multiple race conditions in the smtpd.py module, allowing remote attackers to cause a denial of service by establishing and immediately closing a TCP connection. This leads to unexpected return values or errors in the accept function, such as None for the address, or ECONNABORTED, EAGAIN, or EWOULDBLOCK errors, or an ENOTCONN error in the getpeername function.

Recommendations

For Python versions 2.6 through 3.2 alpha, consider disabling the smtpd module until a patch is available to prevent exploitation of this issue. Restrict access to the smtpd.py module to minimize the risk of denial of service attacks. Avoid using the accept and getpeername functions in the affected module until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
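
One way a server's accept path can tolerate each return value and error listed in the description, so that a connection closed immediately after opening is dropped instead of stopping the listener. This is an added example, not code from this advisory or from Python's smtpd.py; `safe_accept` and `FakeSock` are hypothetical names, and the fake socket is constructed to replay the failure modes offline.

```python
import errno

# Errors the description lists for accept() when a peer connects and closes
# immediately: the connection is gone, the listening socket is still healthy.
TRANSIENT_ACCEPT = {errno.ECONNABORTED, errno.EAGAIN, errno.EWOULDBLOCK}


def safe_accept(listener):
    """Hypothetical helper: return (conn, addr), or None if the peer vanished."""
    try:
        pair = listener.accept()
    except OSError as exc:
        if exc.errno in TRANSIENT_ACCEPT:
            return None
        raise  # any other error is a real listener problem; keep it visible
    if pair is None:  # asyncore-style accept() may return None
        return None
    conn, addr = pair
    if addr is None:  # address missing: peer already disconnected
        conn.close()
        return None
    try:
        conn.getpeername()  # ENOTCONN here means the peer is already gone
    except OSError as exc:
        conn.close()
        if exc.errno == errno.ENOTCONN:
            return None
        raise
    return conn, addr


class FakeSock:
    """Constructed stand-in for a socket, used to replay each failure mode."""
    def __init__(self, accept_result=None, accept_errno=None, peer_errno=None):
        self.accept_result, self.accept_errno = accept_result, accept_errno
        self.peer_errno, self.closed = peer_errno, False

    def accept(self):
        if self.accept_errno is not None:
            raise OSError(self.accept_errno, "constructed")
        return self.accept_result

    def getpeername(self):
        if self.peer_errno is not None:
            raise OSError(self.peer_errno, "constructed")
        return ("192.0.2.1", 12345)

    def close(self):
        self.closed = True
```

A serving loop built on this helper skips the iteration when it gets `None` and keeps listening.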

DoS

Race Condition

Weakness Enumeration

Related Identifiers

CVE-2010-3493
PSF-2010-7
RHSA-2011:0491
RHSA-2011:0492
RHSA-2011:0554
RHSA-2011_0491
RHSA-2011_0492
RHSA-2011_0554

Affected Products

Python
Red Hat