web security question.

Discussion in 'Python' started by pxlpluker, May 15, 2004.

  1. pxlpluker

    pxlpluker Guest

    I have a friend that was using formmail.pl until last weekend when it
    was hacked by spammers with a buffer overflow attack on one of the form
    fields. I don't know enough about perl to know how/where the overflow
    happened. I do have a raw copy of the data the spammer was using, he was
    putting about 40k into a form field to break the script. I am guessing
    it broke the script on the regex checking for valid emails or before.
    My question is, is python open to such attacks and how to prevent it.
    I am working on a web program that will have a email address and will
    send an email/s.
    would a buffer overflow attack work against python cgi ?

    fred
     
    pxlpluker, May 15, 2004
    #1
    1. Advertising

  2. pxlpluker

    Paul Rubin Guest

    pxlpluker <> writes:
    > I have a friend that was using formmail.pl until last weekend when it
    > was hacked by spammers with a buffer overflow attack on one of the
    > form fields.


    What makes you think it was a buffer overflow bug? formmail.pl is
    notorious for having security bugs, but none have been buffer
    overflows as far as I know. Are you sure it wasn't some other kind of bug?
     
    Paul Rubin, May 15, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Aaron
    Replies:
    1
    Views:
    356
    John C. Bollinger
    Aug 4, 2003
  2. Marco
    Replies:
    1
    Views:
    2,420
    Roedy Green
    Jan 28, 2006
  3. Akram Baig
    Replies:
    0
    Views:
    333
    Akram Baig
    Apr 7, 2011
  4. Dinis Cruz

    Asp.Net Security Analyser (new security tool by DDPlus)

    Dinis Cruz, Oct 8, 2003, in forum: ASP .Net Security
    Replies:
    2
    Views:
    155
    Dinis Cruz
    Oct 11, 2003
  5. Michael Randrup
    Replies:
    3
    Views:
    308
    Henning Krause [MVP]
    Mar 27, 2006
Loading...

Share This Page