Test ID:	1.3.6.1.4.1.25623.1.0.118257
Category:	General
Title:	Python < 2.7.9, 3.4.x < 3.4.3 Validate TLS certificate (bpo-22417) - Linux
Summary:	Python is prone to a man-in-the-middle vulnerability.
Description:	Summary: Python is prone to a man-in-the-middle vulnerability. Vulnerability Insight: The HTTP clients in the httplib, urllib, urllib2, and xmlrpclib libraries in CPython (aka Python), when accessing an HTTPS URL, do not check the certificate against a trust store or verify that the server hostname matches a domain name in the subject's Common Name or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Affected Software/OS: Python prior to version 2.7.9 and versions 3.x prior to 3.4.3. Solution: Update to version 2.7.9, 3.4.3 or later. CVSS Score: 5.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9365 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html BugTraq ID: 71639 http://www.securityfocus.com/bid/71639 https://security.gentoo.org/glsa/201503-10 http://www.openwall.com/lists/oss-security/2014/12/11/1 RedHat Security Advisories: RHSA-2016:1166 https://access.redhat.com/errata/RHSA-2016:1166 RedHat Security Advisories: RHSA-2017:1162 https://access.redhat.com/errata/RHSA-2017:1162 RedHat Security Advisories: RHSA-2017:1868 https://access.redhat.com/errata/RHSA-2017:1868
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.