This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author pefu
Recipients christian.heimes, cvrebert, ezio.melotti, giampaolo.rodola, koobs, ncoghlan, offby1, pefu, pitrou, python-dev, r.david.murray, rmsr, skrah
Date 2014-02-26.11:25:44
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1393413944.92.0.962830018085.issue20246@psf.upfronthosting.co.za>
In-reply-to
Content
A recently posted proof of concept exploit got a lot of attention:

https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/

I suggest some Python core developer should clarify here whether people running some publically available python based web service
(Zope, Plone, Roundup, MoinMoin, or whatever) are vulnerable or not.
History
Date User Action Args
2014-02-26 11:25:45pefusetrecipients: + pefu, ncoghlan, pitrou, giampaolo.rodola, christian.heimes, rmsr, ezio.melotti, r.david.murray, cvrebert, skrah, offby1, python-dev, koobs
2014-02-26 11:25:44pefusetmessageid: <1393413944.92.0.962830018085.issue20246@psf.upfronthosting.co.za>
2014-02-26 11:25:44pefulinkissue20246 messages
2014-02-26 11:25:44pefucreate