Python SSL Module CVE-2013-4238 Security Bypass Vulnerability

Bugtraq ID: 61738
Class: Design Error
CVE: CVE-2013-4238
Remote: Yes
Local: No
Published: Aug 12 2013 12:00AM
Updated: May 12 2015 07:47PM
Credit: Ryan Sleevi of the Google Chrome Security Team
Vulnerable: VMWare ESXi 5.5
VMWare ESXi 5.1
VMWare ESXi 5.0
Ubuntu Ubuntu Linux 13.04
Ubuntu Ubuntu Linux 12.10 i386
Ubuntu Ubuntu Linux 12.10 amd64
Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE SUSE Linux Enterprise Software Development Kit 11 SP3
SuSE SUSE Linux Enterprise Server 11 SP3 for VMware
SuSE SUSE Linux Enterprise Server 11 SP3
SuSE Suse Linux Enterprise Desktop 11 SP3
S.u.S.E. openSUSE 12.3
S.u.S.E. openSUSE 12.2
Redhat Enterprise Virtualization Hypervisor for RHEL 6 0
Redhat Enterprise Linux Workstation Optional 6
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server Optional 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node Optional 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 6
Python Software Foundation Python 3.4
Python Software Foundation Python 3.3
Python Software Foundation Python 3.2
Python Software Foundation Python 2.7.1
Python Software Foundation Python 2.7
Python Software Foundation Python 2.6
Oracle Solaris 11.1
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Mandriva Business Server 1 X86 64
Mandriva Business Server 1
F5 Enterprise Manager 3.1.1
F5 Enterprise Manager 3.1
F5 Enterprise Manager 3.0
F5 Enterprise Manager 2.3
F5 Enterprise Manager 2.1
F5 BIG-IQ Security 4.4
F5 BIG-IQ Security 4.3
F5 BIG-IQ Security 4.2
F5 BIG-IQ Security 4.1
F5 BIG-IQ Security 4.0
F5 BIG-IQ Device 4.4
F5 BIG-IQ Device 4.3
F5 BIG-IQ Device 4.2
F5 BIG-IQ Cloud 4.4
F5 BIG-IQ Cloud 4.3
F5 BIG-IQ Cloud 4.2
F5 BIG-IQ Cloud 4.1
F5 BIG-IQ Cloud 4.0
F5 BIG-IP WOM 11.2
F5 BIG-IP WOM 11.0
F5 BIG-IP WOM 10.2.4
F5 BIG-IP WOM 10.2.2
F5 BIG-IP WOM 10.2.1
F5 BIG-IP WOM 10.0
F5 BIG-IP WOM 11.3.0
F5 BIG-IP WOM 11.2.1 HF5
F5 BIG-IP WOM 11.2.1 HF3
F5 BIG-IP WOM 11.2.1
F5 BIG-IP WOM 11.2.0 HF5
F5 BIG-IP WOM 11.2.0 HF3
F5 BIG-IP WOM 11.1.0 HF7
F5 BIG-IP WOM 11.1.0
F5 BIG-IP WOM 10.2.1 HF1
F5 BIG-IP WebAccelerator 11.2.0 0
F5 BIG-IP WebAccelerator 11.3
F5 BIG-IP WebAccelerator 11.2.1 HF3
F5 BIG-IP WebAccelerator 11.2.1
F5 BIG-IP WebAccelerator 11.2 HF3
F5 BIG-IP WebAccelerator 11.1
F5 BIG-IP WebAccelerator 11.0
F5 BIG-IP WebAccelerator 10.2.4
F5 BIG-IP WebAccelerator 10.2.1
F5 BIG-IP WebAccelerator 10.0
F5 BIG-IP WebAccelerator 11.2.1 HF5
F5 BIG-IP WebAccelerator 11.2.0 HF5
F5 BIG-IP WebAccelerator 11.1.0 HF7
F5 BIG-IP WebAccelerator 10.2.1 HF1
F5 BIG-IP PSM 11.4.1
F5 BIG-IP PSM 11.3
F5 BIG-IP PSM 11.2
F5 BIG-IP PSM 11.1
F5 BIG-IP PSM 11.0
F5 BIG-IP PSM 10.2.4
F5 BIG-IP PSM 10.2.1
F5 BIG-IP PSM 10.0
F5 BIG-IP PSM 11.3.0 HF4
F5 BIG-IP PSM 11.2.1 HF5
F5 BIG-IP PSM 11.2.1 HF3
F5 BIG-IP PSM 11.2.1 HF2
F5 BIG-IP PSM 11.2.1 HF1
F5 BIG-IP PSM 11.2.1
F5 BIG-IP PSM 11.2.0 HF5
F5 BIG-IP PSM 11.2.0 HF3
F5 BIG-IP PSM 11.2.0 HF2
F5 BIG-IP PSM 11.1.0 HF7
F5 BIG-IP PSM 10.2.1 HF1
F5 BIG-IP PEM 11.5.1
F5 BIG-IP PEM 11.5
F5 BIG-IP PEM 11.3
F5 BIG-IP PEM 11.6.0
F5 BIG-IP PEM 11.4.1
F5 BIG-IP PEM 11.3.0 HF4
F5 BIG-IP LTM 11.5.1
F5 BIG-IP LTM 11.5
F5 BIG-IP LTM 11.2.1 HF3
F5 BIG-IP LTM 11.2 HF3
F5 BIG-IP LTM 11.2
F5 BIG-IP LTM 11.0
F5 BIG-IP LTM 10.2.4
F5 BIG-IP LTM 10.2.2
F5 BIG-IP LTM 10.0
F5 BIG-IP LTM 11.6.0
F5 BIG-IP LTM 11.5
F5 BIG-IP LTM 11.4.1
F5 BIG-IP LTM 11.3.0 HF4
F5 BIG-IP LTM 11.3.0
F5 BIG-IP LTM 11.2.1 HF5
F5 BIG-IP LTM 11.2.1 HF2
F5 BIG-IP LTM 11.2.1 HF1
F5 BIG-IP LTM 11.2.1
F5 BIG-IP LTM 11.2.0 HF5
F5 BIG-IP LTM 11.2.0 HF2
F5 BIG-IP LTM 11.1.0 HF7
F5 BIG-IP LTM 11.1.0
F5 BIG-IP LTM 10.2.1 HF1
F5 BIG-IP LTM 10.2.1
F5 BIG-IP Link Controller 11.2.0 0
F5 BIG-IP Link Controller 11.6
F5 BIG-IP Link Controller 11.5.1
F5 BIG-IP Link Controller 11.5
F5 BIG-IP Link Controller 11.3
F5 BIG-IP Link Controller 11.2.1 HF3
F5 BIG-IP Link Controller 11.2.1
F5 BIG-IP Link Controller 11.2 HF3
F5 BIG-IP Link Controller 11.1
F5 BIG-IP Link Controller 11.0
F5 BIG-IP Link Controller 10.2.4
F5 BIG-IP Link Controller 10.2.2
F5 BIG-IP Link Controller 10.2.1
F5 BIG-IP Link Controller 10.0
F5 BIG-IP Link Controller 11.4.1
F5 BIG-IP Link Controller 11.3.0 HF4
F5 BIG-IP Link Controller 11.2.1 HF5
F5 BIG-IP Link Controller 11.2.1 HF2
F5 BIG-IP Link Controller 11.2.1 HF1
F5 BIG-IP Link Controller 11.2.0 HF5
F5 BIG-IP Link Controller 11.2.0 HF2
F5 BIG-IP Link Controller 11.1.0 HF7
F5 BIG-IP Link Controller 10.2.1 HF1
F5 BIG-IP GTM 11.5.1
F5 BIG-IP GTM 11.5
F5 BIG-IP GTM 11.3
F5 BIG-IP GTM 11.2.1 HF3
F5 BIG-IP GTM 11.2
F5 BIG-IP GTM 11.0
F5 BIG-IP GTM 10.2.4
F5 BIG-IP GTM 10.2.2
F5 BIG-IP GTM 10.2.1
F5 BIG-IP GTM 10.0
F5 BIG-IP GTM 11.6.0
F5 BIG-IP GTM 11.4.1
F5 BIG-IP GTM 11.3.0 HF4
F5 BIG-IP GTM 11.2.1 HF5
F5 BIG-IP GTM 11.2.1 HF2
F5 BIG-IP GTM 11.2.1 HF1
F5 BIG-IP GTM 11.2.1
F5 BIG-IP GTM 11.2.0 HF5
F5 BIG-IP GTM 11.2.0 HF3
F5 BIG-IP GTM 11.2.0 HF2
F5 BIG-IP GTM 11.1.0 HF7
F5 BIG-IP GTM 11.1.0
F5 BIG-IP GTM 10.2.1 HF1
F5 BIG-IP Edge Gateway 11.3
F5 BIG-IP Edge Gateway 11.2.1 HF3
F5 BIG-IP Edge Gateway 11.2.1
F5 BIG-IP Edge Gateway 11.2 HF3
F5 BIG-IP Edge Gateway 11.2
F5 BIG-IP Edge Gateway 11.1
F5 BIG-IP Edge Gateway 11.0
F5 BIG-IP Edge Gateway 10.2.4
F5 BIG-IP Edge Gateway 10.2.2
F5 BIG-IP Edge Gateway 10.2.1
F5 BIG-IP Edge Gateway 10.1
F5 BIG-IP Edge Gateway 11.2.1 HF5
F5 BIG-IP Edge Gateway 11.2.1 HF2
F5 BIG-IP Edge Gateway 11.2.0 HF5
F5 BIG-IP Edge Gateway 11.1.0 HF7
F5 BIG-IP Edge Gateway 10.2.1 HF1
F5 BIG-IP ASM 11.2.0 HF2 0
F5 BIG-IP ASM 11.2.0 0
F5 BIG-IP ASM 11.0.0 0
F5 BIG-IP ASM 10.2.4 0
F5 BIG-IP ASM 10.0.0 0
F5 BIG-IP ASM 11.5.1
F5 BIG-IP ASM 11.5
F5 BIG-IP ASM 10.2.2
F5 BIG-IP ASM 10.2.1
F5 BIG-IP ASM 11.6.0
F5 BIG-IP ASM 11.4.1
F5 BIG-IP ASM 11.3.0 HF4
F5 BIG-IP ASM 11.3.0
F5 BIG-IP ASM 11.2.1 HF5
F5 BIG-IP ASM 11.2.1 HF3
F5 BIG-IP ASM 11.2.1 HF2
F5 BIG-IP ASM 11.2.1 HF1
F5 BIG-IP ASM 11.2.1
F5 BIG-IP ASM 11.2.0 HF5
F5 BIG-IP ASM 11.2.0 HF3
F5 BIG-IP ASM 11.1.0 HF7
F5 BIG-IP ASM 11.1.0
F5 BIG-IP ASM 10.2.1 HF1
F5 BIG-IP APM 11.5.1
F5 BIG-IP APM 11.2
F5 BIG-IP APM 11.0
F5 BIG-IP APM 10.2.4
F5 BIG-IP APM 10.2.2
F5 BIG-IP APM 11.6.0
F5 BIG-IP APM 11.5.0
F5 BIG-IP APM 11.4.1
F5 BIG-IP APM 11.4.0
F5 BIG-IP APM 11.3.0 HF4
F5 BIG-IP APM 11.3.0
F5 BIG-IP APM 11.2.1 HF5
F5 BIG-IP APM 11.2.1 HF3
F5 BIG-IP APM 11.2.1 HF2
F5 BIG-IP APM 11.2.1 HF1
F5 BIG-IP APM 11.2.1
F5 BIG-IP APM 11.2.0 HF5
F5 BIG-IP APM 11.2.0 HF3
F5 BIG-IP APM 11.2.0 HF2
F5 BIG-IP APM 11.1.0 HF7
F5 BIG-IP APM 11.1.0
F5 BIG-IP APM 10.2.1 HF1
F5 BIG-IP APM 10.2.1
F5 BIG-IP APM 10.1
F5 BIG-IP Analytics 11.5.1
F5 BIG-IP Analytics 11.5
F5 BIG-IP Analytics 11.3
F5 BIG-IP Analytics 11.2.1 HF3
F5 BIG-IP Analytics 11.2.1
F5 BIG-IP Analytics 11.2 HF3
F5 BIG-IP Analytics 11.2
F5 BIG-IP Analytics 11.6.0
F5 BIG-IP Analytics 11.4.1
F5 BIG-IP Analytics 11.3.0 HF4
F5 BIG-IP Analytics 11.2.1 HF5
F5 BIG-IP Analytics 11.2.1 HF2
F5 BIG-IP Analytics 11.2.1 HF1
F5 BIG-IP Analytics 11.2.0 HF5
F5 BIG-IP Analytics 11.2.0 HF2
F5 BIG-IP Analytics 11.1.0 HF7
F5 BIG-IP Analytics 11.1.0
F5 BIG-IP Analytics 11.0.0-HF2
F5 BIG-IP Analytics 11.0.0
F5 BIG-IP AFM 11.5.1
F5 BIG-IP AFM 11.5
F5 BIG-IP AFM 11.3
F5 BIG-IP AFM 11.6.0
F5 BIG-IP AFM 11.4.1
F5 BIG-IP AFM 11.3.0 HF4
F5 BIG-IP AAM 11.5.1
F5 BIG-IP AAM 11.5
F5 BIG-IP AAM 11.6.0
F5 BIG-IP AAM 11.4.1
F5 BIG-IP AAM 11.4.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Avaya one-X Client Enablement Services 6.2
Avaya IP Office Server Edition 9.0
Avaya IP Office Server Edition 8.1
Avaya IP Office Application Server 9.0
Avaya CMS r17
Avaya CMS 17.0
Avaya Aura Utility Services 6.3
Avaya Aura Utility Services 6.2
Avaya Aura System Manager 6.3
Avaya Aura System Manager 6.2
Avaya Aura Session Manager 6.3.1
Avaya Aura Session Manager 6.3
Avaya Aura Session Manager 6.2
Avaya Aura Presence Services 6.2
Avaya Aura Presence Services 6.1
Avaya Aura Experience Portal 6.0.2
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0.1
Avaya Aura Experience Portal 6.0 SP2
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Experience Portal 6.0 SP1
Avaya Aura Experience Portal 6.0
Avaya Aura Communication Manager 6.3
+ Avaya Communication Manager Server DEFINITY Server SI/CS
+ Avaya Communication Manager Server S8100
+ Avaya Communication Manager Server S8300
+ Avaya Communication Manager Server S8500
+ Avaya Communication Manager Server S8700
Avaya Aura Communication Manager 6.2
Avaya Aura Collaboration Environment 2.0
Avaya Aura Application Enablement Services 6.3
Avaya Aura Application Enablement Services 6.2
Not Vulnerable: VMWare ESXi 5.5 ESXi510-20141210
Python Software Foundation Python 3.3.3
Python Software Foundation Python 2.7.6
Oracle Solaris 11.1.12.5.0
LibreOffice LibreOffice 4.2.0
LibreOffice LibreOffice 4.1.5


 

Privacy Statement
Copyright 2010, SecurityFocus