CVE-2016-0772 - Protection Mechanism Failure

Severity

57%

Complexity

86%

Confidentiality

81%

The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."

The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."

CVSS 3.0 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N).

CVSS 2.0 Base Score 5.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N).

Overview

First reported 8 years ago

2016-09-02 14:59:00

Last updated 6 years ago

2019-02-09 11:29:00

Affected Software

Python 3.5.0

3.5.0

Python 3.5.1

3.5.1

Python 3.0

3.0

Python 3.0.1

3.0.1

Python 3.1.0

3.1.0

Python 3.1.1

3.1.1

Python 3.1.2

3.1.2

Python 3.1.3

3.1.3

Python 3.1.4

3.1.4

Python 3.1.5

3.1.5

Python 3.2.0

3.2.0

Python 3.2.1

3.2.1

Python 3.2.2

3.2.2

Python 3.2.3

3.2.3

Python 3.2.4

3.2.4

Python 3.2.5

3.2.5

Python 3.2.6

3.2.6

Python 3.3.0

3.3.0

Python 3.3.1

3.3.1

Python 3.3.2

3.3.2

Python 3.3.3

3.3.3

Python 3.3.4

3.3.4

Python 3.3.5

3.3.5

Python 3.3.6

3.3.6

Python 3.4.0

3.4.0

Python 3.4.1

3.4.1

Python 3.4.2

3.4.2

Python 3.4.3

3.4.3

Python 3.4.4

3.4.4

Python

References

openSUSE-SU-2020:0086

RHSA-2016:1626

RHSA-2016:1627

RHSA-2016:1628

RHSA-2016:1629

RHSA-2016:1630

[oss-security] 20160614 Python CVE-2016-0772: smtplib StartTLS stripping attack

Mailing List

91225

http://www.splunk.com/view/SP-CAAAPSV

http://www.splunk.com/view/SP-CAAAPUE

https://bugzilla.redhat.com/show_bug.cgi?id=1303647

Issue Tracking, Third Party Advisory

https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5

Release Notes

https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2

Release Notes

https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS

Release Notes

https://hg.python.org/cpython/rev/b3ce713fb9be

Patch

https://hg.python.org/cpython/rev/d590114c2394

Patch

[debian-lts-announce] 20190207 [SECURITY] [DLA 1663-1] python3.4 security update

GLSA-201701-18

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.