[Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
Victor Stinner
victor.stinner at gmail.com
Tue Feb 25 11:07:13 CET 2014
More information about the Python-Dev mailing list
Tue Feb 25 11:07:13 CET 2014
- Previous message: [Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
- Next message: [Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi, 2014-02-25 8:39 GMT+01:00 Christian Heimes <christian at python.org>: > this looks pretty serious -- and it caught me off guard, too. :( > https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/ I don't think that the issue is critical. Extract of the article "Diving into SocketServer() luckily socket.recvfrom_into() isn’t even used". In fact, I didn't find any usage of the method except of unit test. Do you know which applications are vulnerable? Victor
- Previous message: [Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
- Next message: [Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-Dev mailing list