skip
Shane> I'm trying to understand:
Shane> a) how urgent and/or exploitable this is,
Perhaps not very. As I indicated in an earlier post, the exploit has been
available since 2001, so it is probably fairly hard to exploit.
Shane> b) how I can check whether a given Python installation (running
Shane> on a server) has been patched, and
If it's running 2.4.4 or 2.5 it should be okay. If it's running some
earlier version a lot will depend on whether Python was installed by a Linux
distributor (in which case check their version numbers and their release
notes) or installed locally from source.
Shane> c) whether the security advisory downplays the risk more than it
Shane> should, since it appears that many Zope/Plone web servers are
Shane> vulnerable.
I can't pretend to divine the true meaning behind all the wording of the
various security advisories. You'd have to ask each one of the security
organizations.
Here's one example:
http://secunia.com/advisories/22276/
The application has to work with Unicode on a UCS-4-compiled version of
Python and use the repr() function on such Unicode strings. Furthermore,
the black hat would have to figure out how to get a suitably crafted Unicode
string into the repr() function at just the right place.
I'm not saying it can't be done, but I think it would be a fairly
challenging undertaking.
Skip
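
Added example, not part of the original post: a triage check for question (b), run with the interpreter under inspection, that combines the two conditions named in the reply (release 2.4.4 or 2.5, and a UCS-4 build). The function name, the result labels and the treatment of releases after 2.4.4 as fixed are assumptions of this example; it cannot detect a distributor backport, so an older wide build is reported as needing a manual check of the release notes.

```python
import sys

# From the post: 2.4.4 and 2.5 "should be okay". Treating every later
# release as fixed too is an assumption of this example.
FIRST_FIXED = (2, 4, 4)


def is_ucs4(maxunicode):
    """Wide (UCS-4) builds report sys.maxunicode == 0x10FFFF, narrow ones 0xFFFF."""
    return maxunicode > 0xFFFF


def triage(version, maxunicode):
    """Classify an interpreter from its version tuple and sys.maxunicode.

    Labels (hypothetical, defined here only):
      ok-upstream          release is 2.4.4 or later
      precondition-absent  older release, but not a UCS-4 build
      check-distributor    older release on a UCS-4 build: read the
                           distributor's release notes, or treat a local
                           source build as unpatched
    """
    version = tuple(version[:3])
    if version >= FIRST_FIXED:
        return "ok-upstream"
    if not is_ucs4(maxunicode):
        return "precondition-absent"
    return "check-distributor"


if __name__ == "__main__":
    # Report on the interpreter that is executing this file.
    result = triage(sys.version_info, sys.maxunicode)
    sys.stdout.write("%s maxunicode=0x%X -> %s\n" % (
        ".".join([str(n) for n in sys.version_info[:3]]),
        sys.maxunicode,
        result,
    ))
```

Run it with each server's own Python binary, since one host can carry several installations.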