FKIE_CVE-2016-0772

Vulnerability from fkie_nvd - Published: 2016-09-02 14:59 - Updated: 2025-04-12 10:46
Severity ?
6.5 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
Summary
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-1626.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-1627.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-1628.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-1629.html
secalert@redhat.comhttp://rhn.redhat.com/errata/RHSA-2016-1630.html
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2016/06/14/9Mailing List
secalert@redhat.comhttp://www.securityfocus.com/bid/91225
secalert@redhat.comhttp://www.splunk.com/view/SP-CAAAPSV
secalert@redhat.comhttp://www.splunk.com/view/SP-CAAAPUE
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=1303647Issue Tracking, Third Party Advisory
secalert@redhat.comhttps://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5Release Notes
secalert@redhat.comhttps://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2Release Notes
secalert@redhat.comhttps://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWSRelease Notes
secalert@redhat.comhttps://hg.python.org/cpython/rev/b3ce713fb9bePatch
secalert@redhat.comhttps://hg.python.org/cpython/rev/d590114c2394Patch
secalert@redhat.comhttps://lists.debian.org/debian-lts-announce/2019/02/msg00011.html
secalert@redhat.comhttps://security.gentoo.org/glsa/201701-18
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-1626.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-1627.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-1628.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-1629.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-1630.html
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2016/06/14/9Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91225
af854a3a-2127-422b-91ae-364da2661108http://www.splunk.com/view/SP-CAAAPSV
af854a3a-2127-422b-91ae-364da2661108http://www.splunk.com/view/SP-CAAAPUE
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1303647Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5Release Notes
af854a3a-2127-422b-91ae-364da2661108https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2Release Notes
af854a3a-2127-422b-91ae-364da2661108https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWSRelease Notes
af854a3a-2127-422b-91ae-364da2661108https://hg.python.org/cpython/rev/b3ce713fb9bePatch
af854a3a-2127-422b-91ae-364da2661108https://hg.python.org/cpython/rev/d590114c2394Patch
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201701-18
Impacted products
Vendor Product Version
python python 3.5.0
python python 3.5.1
python python 3.0
python python 3.0.1
python python 3.1.0
python python 3.1.1
python python 3.1.2
python python 3.1.3
python python 3.1.4
python python 3.1.5
python python 3.2.0
python python 3.2.1
python python 3.2.2
python python 3.2.3
python python 3.2.4
python python 3.2.5
python python 3.2.6
python python 3.3.0
python python 3.3.1
python python 3.3.2
python python 3.3.3
python python 3.3.4
python python 3.3.5
python python 3.3.6
python python 3.4.0
python python 3.4.1
python python 3.4.2
python python 3.4.3
python python 3.4.4
python python *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:python:python:3.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE44C8E0-6B74-46F8-A648-DEAF6576A960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF1E2B75-A884-4E41-92D0-371ED1B224C9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:python:python:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC0C702F-59E0-40AB-BA95-8F0803AB0550",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3190C547-7230-476C-A43F-641FE7B891EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B370D065-D08F-46B3-8B7B-8477A77F8E85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B547525-E0DB-4D64-8ED1-AF3F1B6FF65F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "19064C18-1CD7-4F10-8065-4B900BB31F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1997CB6-FD72-4B13-915A-7500AA06F4B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A1811C-4E97-4226-8335-ADF0827A03B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF2C50D1-187B-4E98-BA02-008D0ED4C220",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B511BDFA-D1DC-4E50-9A08-66DA05947A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0708E98D-5C84-47DC-89E5-8BB7CFFB12A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6595C4F3-5683-4889-AD30-83840F6A58D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "027FD902-9B08-4EDF-9F83-314FBF0583ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "89FB9D30-8559-4F57-9D20-DC603765B346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "957FCB4A-32D0-4449-8995-80144CC713B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C17A0E8D-7611-42F7-896E-F2B3BC25643D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "875ABC97-2783-41DA-AB9F-9E6F0870B74C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5262D28D-204C-41E8-BC4D-27372E366295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "121225D0-C5DA-4F26-93B8-3D56BC1D38B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "52DD66F7-FE7B-4C1C-B07B-F9E4CEEA7AFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C2C18A1-F202-4E48-8E29-F250AD1A6737",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE1602B-6ECB-492B-BFEB-21AF40EE4A4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "64662850-7460-46C2-852E-E047874F9660",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D6658A8-E57E-4743-95D5-074F990D0D1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6C65BBA-4DC7-4F2F-90B1-75C6F3C68FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D0DBAEE-599A-44EB-A1E4-94CEBB406CAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CE28365-977E-47F2-8E2C-635D287149C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:python:python:3.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "57429DD4-C97C-46BC-9D22-941153183DCF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8EE5C8A-6D3B-4CDF-99DA-A2D4FA1EA31C",
              "versionEndIncluding": "2.7.11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a \"StartTLS stripping attack.\""
    },
    {
      "lang": "es",
      "value": "La librer\u00eda smtplib en CPython (tambi\u00e9n conocido como Python) en versiones anteriores a 2.7.12, 3.x en versiones anteriores a 3.4.5 y 3.5.x en versiones anteriores a 3.5.2 no devuelve un error cuando StartTLS falla, lo que podr\u00eda permitir a atacantes man-in-the-middle eludir las protecciones TLS mediante el aprovechamiento de una posici\u00f3n de red entre el cliente y el registro para bloquear el comando StartTLS, tambi\u00e9n conocido como un \"ataque de decapado StartTLS\"."
    }
  ],
  "id": "CVE-2016-0772",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-09-02T14:59:00.127",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1626.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1627.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1628.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1629.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1630.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/06/14/9"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/91225"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.splunk.com/view/SP-CAAAPSV"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.splunk.com/view/SP-CAAAPUE"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303647"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://hg.python.org/cpython/rev/b3ce713fb9be"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://hg.python.org/cpython/rev/d590114c2394"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://security.gentoo.org/glsa/201701-18"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1626.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1627.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1628.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1629.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1630.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/06/14/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/91225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.splunk.com/view/SP-CAAAPSV"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.splunk.com/view/SP-CAAAPUE"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://hg.python.org/cpython/raw-file/v2.7.12/Misc/NEWS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://hg.python.org/cpython/rev/b3ce713fb9be"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://hg.python.org/cpython/rev/d590114c2394"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201701-18"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-693"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.