VanDyke Software

Security Advisory

Security Advisory

Impact of the Python 2.7.9 CVE-2016-5699 vulnerability in SecureCRT

Posted: March 8, 2017




SecureCRT for Windows is not affected by this vulnerability.  It cannot be exploited because attempting to import urllib or urllib2 in order to use HTTPConnection results in an error being thrown by the scripting engine.  The underlying _socket lib that these two libraries require is not included in SecureCRT for Windows.


SecureCRT for Mac/Linux platforms uses the Python library that is installed on the system. It is recommended that the Python library be updated to version 2.7.10 or later.

Official Postings

Revision History

March 8, 2017 - Security Advisory Published

VanDyke Software uses cookies to give you the best online experience. Before continuing to use this site, please confirm that you agree to our use of cookies. Please see our Cookie Usage for details.