Thousands of applications, including many large and mission critical systems at enterprises like Industrial Light...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
& Magic, Google and NASA, are vulnerable to a bug that could allow a remote attacker to execute arbitrary code or gain system access.
Applications and systems using Python -- including Debian GNU/Linux and Mandrake Linux -- may need to be updated or rebuilt.
Python developer Sebastian Schmidt has discovered vulnerability in the getaddrinfo function, which resolves a host and port into the addrinfo struct.
A remote attacker could supply a specially crafted IPv6 address via DNS that could cause a buffer overflow, permitting execution of arbitrary code and unauthorized system access. This only occurs if Python is configured without IPv6 support.
Only a week ago, another Python vulnerability was discovered involving Debian and Apache that allowed a remote denial of service.