Linux Distros Unpatched Vulnerability : CVE-2016-0772

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The smtplib library in CPython aka Python before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allo...

K01955184: Python smtplib library vulnerability CVE-2016-0772

Security Advisory Description The smtplib library in CPython aka Python before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the...

SUSE: Security Advisory (SUSE-SU-2016:2270-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ruby: imap: StartTLS stripping attack (CVE-2016-0772).

net/imap does not seem to raise an exception when the remote end imap server fails to respond with taggedresponse NO/BAD or OK to an explicit call of imap.starttls. This may allow a malicious MITM to perform a starttls stripping attack if the client code does not explicitly set usessl = true on...

SUSE: Security Advisory (SUSE-SU-2016:2859-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2106-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:0223-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2653-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python (EulerOS-SA-2016-1036)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1663-1] python3.4 security update

Package : python3.4 Version : 3.4.2-1+deb8u2 CVE ID : CVE-2016-0772 CVE-2016-5636 CVE-2016-5699 CVE-2018-20406 CVE-2019-5010 This DLA fixes a a problem parsing x509 certificates, an pickle integer overflow, and some other minor issues: CVE-2016-0772 The smtplib library in CPython does not return ...

Debian: Security Advisory (DLA-1663-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : python (SUSE-SU-2019:0223-1) (httpoxy)

This update for python fixes the following issues : Security issues fixed : CVE-2016-0772: smtplib vulnerability opens startTLS stripping attack bsc984751 CVE-2016-5636: heap overflow when importing malformed zip files bsc985177 CVE-2016-5699: incorrect validation of HTTP headers allow header...

SUSE-SU-2019:0223-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2016-0772: smtplib vulnerability opens startTLS stripping attack bsc984751 - CVE-2016-5636: heap overflow when importing malformed zip files bsc985177 - CVE-2016-5699: incorrect validation of HTTP headers allow header...

Security Bulletin: IBM Security Access Manager is affected by vulnerabilities in Python (CVE-2016-0772, CVE-2016-5699, CVE-2016-1000110)

Summary Vulnerabilities have been identified in Python. IBM Security Access Manager appliances use Python and are affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2016-0772 DESCRIPTION: Python's smtplib library is vulnerable to a stripping attack. An exception isn't returned by...

Oracle Linux 7 : python (ELSA-2017-1868)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-1868 advisory. - Fix for CVE-2016-1000110 HTTPoxy attack Resolves: rhbz1359164 - Fix for CVE-2016-5636: possible integer overflow and heap corruption in zipimporter.getdata...

EulerOS 2.0 SP1 : python (EulerOS-SA-2016-1036)

According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the Python CGIHandler class did not properly protect against the HTTPPROXY variable name clash in a CGI context. A remote...

Ubuntu: Security Advisory (USN-3134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2016:2859-1 Security update for python3

This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTPPROXY environment variable based on user supplied Proxy request header. bsc989523 - CVE-2016-0772: A...

SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2016:2859-1) (httpoxy)

This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed : - CVE-2016-1000110: CGIHandler could have allowed setting of HTTPPROXY environment variable based on user-supplied Proxy request header. bsc989523 - CVE-2016-0772: A...

Splunk Enterprise Multiple Vulnerabilities (Nov 2016)

Splunk Enterprise is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:splunk"; if...