OT: What's up with the starship?

skip at pobox.com skip at pobox.com
Mon Oct 16 17:11:19 EDT 2006


    Shane> I'm trying to understand:

    Shane> a) how urgent and/or exploitable this is,

Perhaps not very.  As I indicated in an earlier post, the exploit has been
available since 2001, so it is probably fairly hard to exploit.

    Shane> b) how I can check whether a given Python installation (running
    Shane>    on a server) has been patched, and

If it's running 2.4.4 or 2.5 it should be okay.  If it's running some
earlier version a lot will depend on whether Python was installed by a Linux
distributor (in which case check their version numbers and their release
notes) or installed locally from source.

    Shane> c) whether the security advisory downplays the risk more than it
    Shane>    should, since it appears that many Zope/Plone web servers are
    Shane>    vulnerable.

I can't pretend to divine the true meaning behind all the wording of the
various security advisories.  You'd have to ask each one of the security
organizations.

Here's one example:

    http://secunia.com/advisories/22276/

The application has to work with Unicode on a UCS-4-compiled version of
Python and use the repr() function on such Unicode strings.  Furthermore,
the black hat would have to figure out how to get a suitably crafted Unicode
string into the repr() function at just the right place.

I'm not saying it can't be done, but I think it would be a fairly
challenging undertaking.

Skip





More information about the Python-list mailing list