web security question.
pxlpluker
pxlpluker at cfl.rr.com
Sat May 15 10:06:31 EDT 2004
I have a friend that was using formmail.pl until last weekend when it
was hacked by spammers with a buffer overflow attack on one of the form
fields. I don't know enough about perl to know how/where the overflow
happened. I do have a raw copy of the data the spammer was using, he was
putting about 40k into a form field to break the script. I am guessing
it broke the script on the regex checking for valid emails or before.
My question is, is python open to such attacks and how to prevent it.
I am working on a web program that will have a email address and will
send an email/s.
would a buffer overflow attack work against python cgi ?
fred
More information about the Python-list
mailing list