Re: [Python-Dev] FYI - wiki.python.org compromised

To Whoever this may concern, I believe the exploit in use on the Python Wiki could have been the following remote arbitrary code execution exploit that myself and some fellow researchers have been working with over the past few days. I'm not sure if this has quite been reported to the Moin development team, however this exploit would be triggered via a URL much like the following: http://wiki.python.org/WikiSandBox?action=moinexec&c=uname%20-a This URL of course would cause for the page to output the contents of the command "uname -a". I think this is definitely worth your researchers looking into, and please be sure to credit myself (Robert 'xnite' Whitney; http://xnite.org) for finding & reporting this vulnerability. Best of luck, Robert 'xnite' Whitney PS - If you have any further questions on this matter for me, please feel free to us the contact information in my signature below or reply to this email. -- xnite (xnite@xnite.org) Google Voice: 828-45-XNITE (96483) Web: http://xnite.org PGP Key: http://xnite.org/pgpkey

Robert Whitney writes:
I believe the exploit in use on the Python Wiki could have been the following remote arbitrary code execution exploit that myself and some fellow researchers have been working with over the past few days.
AFAIK, Python has a security policy. One point of that policy is to avoid announcing details of exploits on public channels until a policy for addressing them is implemented. If you have something to report, the best channel is security@python.org. http://www.python.org/news/security
participants (2)
-
Robert Whitney
-
Stephen J. Turnbull