FKIE_CVE-2013-7440

Vulnerability from fkie_nvd - Published: 2016-06-07 18:59 - Updated: 2025-04-12 10:46
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate.
References
secalert@redhat.comhttp://seclists.org/oss-sec/2015/q2/483
secalert@redhat.comhttp://seclists.org/oss-sec/2015/q2/523
secalert@redhat.comhttp://www.securityfocus.com/bid/74707
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2016:1166
secalert@redhat.comhttps://bugs.python.org/issue17997
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=1224999
secalert@redhat.comhttps://hg.python.org/cpython/rev/10d0edadbcdd
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/oss-sec/2015/q2/483
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/oss-sec/2015/q2/523
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/74707
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2016:1166
af854a3a-2127-422b-91ae-364da2661108https://bugs.python.org/issue17997
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1224999
af854a3a-2127-422b-91ae-364da2661108https://hg.python.org/cpython/rev/10d0edadbcdd
Impacted products
Vendor Product Version
python python *
python python 3.0
python python 3.0.1
python python 3.1
python python 3.1.1
python python 3.1.2
python python 3.1.3
python python 3.1.4
python python 3.1.5
python python 3.1.2150
python python 3.2
python python 3.2
python python 3.2.0
python python 3.2.1
python python 3.2.2
python python 3.2.3
python python 3.2.4
python python 3.2.5
python python 3.2.6
python python 3.2.2150
python python 3.3
python python 3.3
python python 3.3.0
python python 3.3.1
python python 3.3.1
python python 3.3.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D10FF2-EEA1-4CEF-B1C5-158E40E59463",
              "versionEndIncluding": "2.7.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC0C702F-59E0-40AB-BA95-8F0803AB0550",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3190C547-7230-476C-A43F-641FE7B891EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "74AC7EE5-F01D-4F28-80D1-4076B7B24BA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B547525-E0DB-4D64-8ED1-AF3F1B6FF65F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "19064C18-1CD7-4F10-8065-4B900BB31F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1997CB6-FD72-4B13-915A-7500AA06F4B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A1811C-4E97-4226-8335-ADF0827A03B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF2C50D1-187B-4E98-BA02-008D0ED4C220",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.2150:*:*:*:*:*:x64:*",
              "matchCriteriaId": "9EB9683A-EE1C-4EB6-BF27-39A274B37D3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "87845E79-F4A3-4390-9ACF-A14E86BCDB10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "E2C8F3C4-91AB-4AE3-A2FB-A093F97742FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B511BDFA-D1DC-4E50-9A08-66DA05947A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0708E98D-5C84-47DC-89E5-8BB7CFFB12A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6595C4F3-5683-4889-AD30-83840F6A58D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "027FD902-9B08-4EDF-9F83-314FBF0583ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "89FB9D30-8559-4F57-9D20-DC603765B346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "957FCB4A-32D0-4449-8995-80144CC713B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C17A0E8D-7611-42F7-896E-F2B3BC25643D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.2150:*:*:*:*:*:*:*",
              "matchCriteriaId": "F236E583-D23D-4769-8A25-EBFC930E4798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DF7665B-3A10-46D1-B486-AFC9ED6C0B8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "0E2DAB9D-5D7D-40ED-8110-E3FDF7AE0729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "875ABC97-2783-41DA-AB9F-9E6F0870B74C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5262D28D-204C-41E8-BC4D-27372E366295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "0D553F40-92C2-4537-AF74-5F9307E20AE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "121225D0-C5DA-4F26-93B8-3D56BC1D38B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n ssl.match_hostname en CPython (tambi\u00e9n concida como Python) en versiones anteriores a 2.7.9 y 3.x en versiones anteriores a 3.3.3 no maneja correctamente comodines en los nombres de host, lo que podr\u00eda permitir a atacantes man-in-the-middle suplantar servidores a trav\u00e9s de un certificado manipulado."
    }
  ],
  "id": "CVE-2013-7440",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-06-07T18:59:00.120",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://seclists.org/oss-sec/2015/q2/483"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://seclists.org/oss-sec/2015/q2/523"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/74707"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2016:1166"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugs.python.org/issue17997"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1224999"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://hg.python.org/cpython/rev/10d0edadbcdd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/oss-sec/2015/q2/483"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/oss-sec/2015/q2/523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/74707"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2016:1166"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.python.org/issue17997"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1224999"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://hg.python.org/cpython/rev/10d0edadbcdd"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-19"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.