CVE-2010-3495

Name of the Vulnerable Software and Affected Versions Zope Object Database (ZODB) versions prior to 3.10.0

Description The issue is related to a race condition in the ZEO/StorageServer.py module, allowing remote attackers to cause a denial of service by establishing and then immediately closing a TCP connection. This leads to unexpected return values or errors, including an unexpected return value of None for the accept function, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error.

Recommendations For versions prior to 3.10.0, update to version 3.10.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the ZEO/StorageServer.py module to minimize the risk of exploitation.