{"id":"PYSEC-2010-27","details":"Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) before 3.10.0 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, a related issue to CVE-2010-3492.","aliases":["CVE-2010-3495","GHSA-j6m4-frxh-p4x8"],"modified":"2024-05-01T16:58:37.142621Z","published":"2010-10-19T20:00:00Z","references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2010/09/11/2"},{"type":"ADVISORY","url":"http://secunia.com/advisories/41755"},{"type":"WEB","url":"http://pypi.python.org/pypi/ZODB3/3.10.0#id1"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2010/09/22/3"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2010/09/24/3"},{"type":"WEB","url":"http://bugs.python.org/issue6706"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2010/09/09/6"},{"type":"WEB","url":"https://bugs.launchpad.net/zodb/+bug/135108"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"}],"affected":[{"package":{"name":"zodb3","ecosystem":"PyPI","purl":"pkg:pypi/zodb3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0a1"}]}],"versions":["3.1.5","3.2.10","3.3.1","3.4.2","3.5.0","3.5.1","3.6.0","3.7.0","3.7.2","3.8.0","3.8.0a1","3.8.0b1","3.8.0b2","3.8.0b3","3.8.0b4","3.8.0c1","3.8.1","3.8.1b1","3.8.1b2","3.8.1b3","3.8.1b4","3.8.1b5","3.8.1b6","3.8.1b7","3.8.1b8","3.8.1b9","3.8.2","3.8.3","3.8.3b1","3.8.4","3.8.5","3.8.6","3.9.0","3.9.0a1","3.9.0a10","3.9.0a11","3.9.0a12","3.9.0a2","3.9.0a3","3.9.0a4","3.9.0a5","3.9.0a6","3.9.0a7","3.9.0a9","3.9.0b1","3.9.0b2","3.9.0b3","3.9.0b4","3.9.0b5","3.9.0c1","3.9.0c2","3.9.0c3","3.9.1","3.9.2","3.9.3","3.9.4","3.9.5","3.9.6","3.9.7"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/zodb3/PYSEC-2010-27.yaml"}}],"schema_version":"1.7.3"}