VanDyke Software

Security Advisory

Security Advisory

Impact of the Python 2.7.9 CVE-2016-5699 vulnerability in SecureCRT


Posted: March 8, 2017

Description

SecureCRT

Windows

SecureCRT for Windows is not affected by this vulnerability.  It cannot be exploited because attempting to import urllib or urllib2 in order to use HTTPConnection results in an error being thrown by the scripting engine.  The underlying _socket lib that these two libraries require is not included in SecureCRT for Windows.

Mac/Linux

SecureCRT for Mac/Linux platforms uses the Python library that is installed on the system. It is recommended that the Python library be updated to version 2.7.10 or later.

Official Postings

Revision History

March 8, 2017 - Security Advisory Published