Peter Funk added the comment: A recently posted proof of concept exploit got a lot of attention:
https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/ I suggest some Python core developer should clarify here whether people running some publically available python based web service (Zope, Plone, Roundup, MoinMoin, or whatever) are vulnerable or not. ---------- nosy: +pefu _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue20246> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
