5.9

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2023-29483

GHSA ID

GHSA-3rq5-2g8h-59hc

EPSS Score

0.89137%

CWE

CWE-696

Published

4/11/2024

Updated

6/26/2024

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-29483

CVE-2023-29483: Potential DoS via the Tudoor mechanism in eventlet and dnspython

eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid packet from the expected IP address and source port, aka a "TuDoor" attack. In other words, dnspython does not have the preferred behavior in which the DNS name resolution algorithm would proceed, within the full time window, in order to wait for a valid packet. NOTE: dnspython 2.6.0 is unusable for a different reason that was addressed in 2.6.1.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2023-29483

CVE-2023-29483:

5.9

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2023-29483

GHSA ID

GHSA-3rq5-2g8h-59hc

EPSS Score

0.89137%

CWE

CWE-696

Published

4/11/2024

Updated

6/26/2024

KEV Status

Technology

Python

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
eventlet	pip	< 0.35.2	0.35.2
dnspython	pip	< 2.6.1	2.6.1

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability manifests in the UDP packet handling logic of both libraries. In eventlet's greendns.py, the udp function was modified to add 'ignore_errors' parameter and exception handling changes. In dnspython, both query.py and asyncquery.py received critical error handling updates for Truncated exceptions. The core issue was premature termination of DNS resolution when receiving invalid packets from the expected source IP/port, rather than continuing to wait for valid responses throughout the full timeout window. The patch diffs and commit messages explicitly show these functions were modified to add proper error continuation logic.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.9

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2023-29483: Potential DoS via the Tudoor mechanism in eventlet and dnspython

CVE-2023-29483:

5.9

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

5.9

5.9

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2023-29483: Potential DoS via the Tudoor mechanism in eventlet and dnspython

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI