=========================================================== Ubuntu Security Notice USN-73-1 February 03, 2005 python2.2, python2.3 vulnerability CAN-2005-0089 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: python2.2 python2.3 The problem can be corrected by upgrading the affected package to version 2.2.3-10ubuntu0.1 (python2.2) and 2.3.4-2ubuntu0.1 (python2.3). After a standard system upgrade you must restart all running Python server applications that use XML-RPC to effect the necessary changes. Details follow: The Python developers discovered a flaw in the SimpleXMLRPCServer module. Python XML-RPC servers that used the register_instance() method to register an object, but do not have a _dispatch() method, allowed remote users to access or change function internals using the im_* and func_* attributes. Reproducible: Always Steps to Reproduce: 1. 2. 3.
it has already been submited
*** This bug has been marked as a duplicate of 80592 ***