Fredrik Lundh wrote: > [EMAIL PROTECTED] wrote: > >> Then perhaps you or he could explain it to us less intelligent >> people in very simple terms? > > the security advisory explains that the cause of the problem is a bug > in the source code used to implement repr() for 32-bit Unicode strings, > on all Python versions from 2.2 and onwards. > > Python 2.2 was released in 2001.
So, are we to infer that Starship was running Python 2.1 or earlier at the time the server was compromised? Otherwise I missed your point, sorry. The vulnerability described by PSF-2006-001 could easily lead to server compromises. AFAIK, most Linux distributions enable UCS-4 by default, and they have done so for years. To compromise a server using the PSF-2006-001 vulnerability, an intruder just needs to find a Python CGI script running on that server that converts some bad input to unicode, then cause that script to raise an error while processing the request containing the bad input. There's a good chance the script will log an error with the repr() of the bad input, allowing the intruder to mess with the stack. If the server is running a distribution-supplied build of Python, the intruder may be able to inject arbitrary code. I don't know if this concern applies to Starship specifically, but it seems to apply to thousands of web sites running Python CGIs and Python web servers. Shane -- http://mail.python.org/mailman/listinfo/python-list
