Python
My favorite XML-RPC debugger has been taken offline because of a huge security vulnerability in Python's SimpleXMLRPCServer library: On vulnerable XML-RPC servers, a remote attacker may be able to view or modify globals of the module(s) containing the registered instance's class(es), potentially leading to data loss or arbitrary code execution. If the registered object is a module, the danger is particularly serious. For example, if the registered module imports the os module, an attacker could ... (
read more)