[Python-Dev] Python Remote Code Execution in socket.recvfrom_into()
victor.stinner at gmail.com
Tue Feb 25 11:07:13 CET 2014
2014-02-25 8:39 GMT+01:00 Christian Heimes <christian at python.org>:
> this looks pretty serious -- and it caught me off guard, too. :(
I don't think that the issue is critical.
Extract of the article "Diving into SocketServer() luckily
socket.recvfrom_into() isn’t even used". In fact, I didn't find any
usage of the method except of unit test. Do you know which
applications are vulnerable?
More information about the Python-Dev