OT: What's up with the starship?
Shane Hathaway
shane at hathawaymix.org
Mon Oct 16 16:41:46 EDT 2006
Fredrik Lundh wrote:
> Shane Hathaway wrote:
>
> > I don't know if this concern applies to Starship specifically, but it
> > seems to apply to thousands of web sites running Python CGIs and
> > Python web servers.
>
> so are we seeing thousands of web sites running Python CGIs and web
> servers being attacked right now?
No, but it often takes a long time for servers to get patched, so the
window for intruders is going to be open for a while. I'm trying to
understand:
a) how urgent and/or exploitable this is,
b) how I can check whether a given Python installation (running on a
server) has been patched, and
c) whether the security advisory downplays the risk more than it should,
since it appears that many Zope/Plone web servers are vulnerable.
Shane
More information about the Python-list
mailing list