Python

My favorite XML-RPC debugger has been taken offline because of a huge security vulnerability in Python's SimpleXMLRPCServer library: On vulnerable XML-RPC servers, a remote attacker may be able to view or modify globals of the module(s) containing the registered instance's class(es), potentially leading to data loss or arbitrary code execution. If the registered object is a module, the danger is particularly serious. For example, if the registered module imports the os module, an attacker could ... (read more)

2005/04/01

Microsoft Bob icon

Rogers Cadenhead

Social Media

Mastodon

Mastodon

Subscriptions

Workbench RSS feed RSS Feed

Blogroll

Projects

Statistics

Line drawing of cowboy on horse

This blog has been published since Nov. 7, 1999 (a span of 9,029 days).

Thank you for visiting Workbench.

Drawing of an owl with glasses reading a book