[issue29739] zipfile raises wrong exception for some incorrect passwords
Serhiy Storchaka
report at bugs.python.org
Sun Jun 18 08:10:16 EDT 2017
Serhiy Storchaka added the comment:
Actually this feature helps to do the brute-force attack. 255 of 256 passwords can be rejected by testing only the header. Old ZIP files encryption is very weak, it isn't used in serious applications.
----------
nosy: +r.david.murray
status: open -> pending
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue29739>
_______________________________________
More information about the Python-bugs-list
mailing list