Huzaifa Sidhpurwala sidhpurwala.huza...@gmail.com added the comment:
I have not tried the patch yet, but modifying the reproducer yields a different
crash. This one seems to be a heap-based buffer overflow which is slightly more
serious.
In the reproducer, you just need to replace ascii
Huzaifa Sidhpurwala sidhpurwala.huza...@gmail.com added the comment:
I am wondering if a CVE id has been assigned to this security issue yet?
--
nosy: +Huzaifa.Sidhpurwala
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue13703
Huzaifa Sidhpurwala sidhpurwala.huza...@gmail.com added the comment:
It seems python was being blamed for what is essentially the fault of lynx.
The following would translate into browsing files locally from the system and
not from the web:
lynx http://localhost:8000
Huzaifa Sidhpurwala sidhpurwala.huza...@gmail.com added the comment:
This should have been
lynx localhost:8000/../../../../../../../../etc/passwd
v/s
lynx http://localhost:8000/../../../../../../../../etc/passwd
--
___
Python tracker rep
Michael Stroder wrote:
Matias Surdi wrote:
Anyone knows how having the IP address of a host on the lan could I get
the mac address of that hosr?
p/d: Parsing the output of arp -a is not an option.
Any reason why arp is not an option?
But the ARP table is exactly what you