VanDyke Software

Security Advisory

Got a question or comment?   Send us a question or comment

Security Advisory

Impact of the Python 2.7.9 CVE-2016-5699 vulnerability in SecureCRT

Posted: March 8, 2017

Description

SecureCRT

Windows

SecureCRT for Windows is not affected by this vulnerability.  It cannot be exploited because attempting to import urllib or urllib2 in order to use HTTPConnection results in an error being thrown by the scripting engine.  The underlying _socket lib that these two libraries require is not included in SecureCRT for Windows.

Mac/Linux

SecureCRT for Mac/Linux platforms uses the Python library that is installed on the system. It is recommended that the Python library be updated to version 2.7.10 or later.

Official Postings

https://www.cvedetails.com/cve/CVE-2016-5699/

Revision History

March 8, 2017 - Security Advisory Published

Related Links

VanDyke Software uses cookies to give you the best online experience. Before continuing to use this site, please confirm that you agree to our use of cookies. Please see our Cookie Usage for details.