FreeBSD: VID-8d5368ef-40fe-11e6-b2ec-b499baebfeaf (CVE-2016-0772): Python -- smtplib StartTLS stripping vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | Jul 3, 2016 | Dec 10, 2025 | Dec 10, 2025 |
Description
Red Hat reports: A vulnerability in smtplib allowing MITM attacker to perform a startTLS stripping attack. smtplib does not seem to raise an exception when the remote end (smtp server) is capable of negotiating starttls but fails to respond with 220 (ok) to an explicit call of SMTP.starttls(). This may allow a malicious MITM to perform a startTLS stripping attack if the client code does not explicitly check the response code for startTLS.
Solutions
- freebsd-upgrade-package-python27
- freebsd-upgrade-package-python33
- freebsd-upgrade-package-python34
- freebsd-upgrade-package-python35
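The explicit response-code check that the description says client code needs can be written as a small wrapper that refuses to continue unless the channel is actually encrypted. This is an added example, not code from the advisory or from Python itself; `require_starttls`, `TLSNotNegotiated`, `fake_server` and `demo` are hypothetical names, and the local server is a constructed test peer that advertises STARTTLS and then answers it with 454.

```python
import smtplib, socket, ssl, threading

class TLSNotNegotiated(Exception):
    """The session would have continued in cleartext."""

def require_starttls(smtp, context=None):
    """Upgrade to TLS or raise; never fall through to cleartext."""
    smtp.ehlo_or_helo_if_needed()
    if not smtp.has_extn("starttls"):
        raise TLSNotNegotiated("server did not advertise STARTTLS")
    try:
        code, _ = smtp.starttls(context=context or ssl.create_default_context())
    except smtplib.SMTPResponseException as exc:
        # Fixed smtplib raises when the reply is not 220.
        raise TLSNotNegotiated("STARTTLS refused with %d" % exc.smtp_code)
    # Affected smtplib returns the reply instead, so check it explicitly.
    if code != 220 or not isinstance(smtp.sock, ssl.SSLSocket):
        raise TLSNotNegotiated("STARTTLS reply was %d, channel not encrypted" % code)
    smtp.ehlo()  # capabilities seen before TLS are untrusted; ask again
    return code

def fake_server():
    """Constructed local peer: advertises STARTTLS, then answers it with 454."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        f = conn.makefile("rwb")
        def send(line):
            f.write(line + b"\r\n")
            f.flush()
        send(b"220 test ESMTP")
        for line in f:
            verb = line.strip().upper()
            if verb.startswith(b"EHLO"):
                send(b"250-test")
                send(b"250 STARTTLS")
            elif verb.startswith(b"STARTTLS"):
                send(b"454 TLS not available")
            else:
                send(b"250 ok")
        conn.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def demo():
    smtp = smtplib.SMTP("127.0.0.1", fake_server(), local_hostname="client.example", timeout=5)
    try:
        return require_starttls(smtp)
    except TLSNotNegotiated as exc:
        return str(exc)
    finally:
        smtp.close()
```

Calling `require_starttls` before `login` or `sendmail` gives the same fail-closed behaviour on both affected and fixed interpreters.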