Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #85178
| References | <75fe0f21-3ffb-4649-ad06-0dcbdad631fa@googlegroups.com> <vg3wq3zpbi9.fsf@coffee.modeemi.fi> <54d0aeb9$0$12994$c3e8da3$5496439d@news.astraweb.com> <vg3r3u6pyyy.fsf@coffee.modeemi.fi> |
|---|---|
| Date | 2015-02-04 09:08 +1100 |
| Subject | Re: Ghost vulnerability |
| From | Chris Angelico <rosuav@gmail.com> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.18444.1423001304.18130.python-list@python.org> (permalink) |
On Wed, Feb 4, 2015 at 6:38 AM, Anssi Saari <as@sci.fi> wrote:
> Anyways, here's an example calling gethostbyname directly in python:
>
> from ctypes import CDLL
> o = CDLL('libc.so.6')
> for i in range(0, 2500):
> o.gethostbyname('0'*i)
>
> I don't have a vulnerable system to test on any more though.
That bombs on my internal disk server, which is said to be vulnerable
using the C implementation.
ChrisA
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
Ghost vulnerability Rustom Mody <rustompmody@gmail.com> - 2015-02-02 19:53 -0800
Re: Ghost vulnerability Chris Angelico <rosuav@gmail.com> - 2015-02-03 15:38 +1100
Re: Ghost vulnerability Anssi Saari <as@sci.fi> - 2015-02-03 11:53 +0200
Re: Ghost vulnerability Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-02-03 22:19 +1100
Re: Ghost vulnerability Michael Torrie <torriem@gmail.com> - 2015-02-03 10:31 -0700
Re: Ghost vulnerability Anssi Saari <as@sci.fi> - 2015-02-03 21:38 +0200
Re: Ghost vulnerability Chris Angelico <rosuav@gmail.com> - 2015-02-04 09:08 +1100
Re: Ghost vulnerability Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-02-04 13:13 +1100
Re: Ghost vulnerability Marc Aymerich <glicerinu@gmail.com> - 2015-02-03 18:47 +0100
csiph-web