A Code Execution Vulnerability in Google App Engine SDK for Python | How to hack

Subscribe & Don,t Miss A Free Hacking Course| Receive Daily Updates

Enter your email address:

A Code Execution Vulnerability in Google App Engine SDK for Python



Google App Engine is a great technology allowing web developers to develop their own web applications,test them in their internal framework, and deploy them to Google’s appspot.com domain.The Google App Engine framework allows developers to write their web site logic in Python, and offers several frameworks specially created for this. In addition, Google App Engine provides an SDK Console via web that acts as an administration console for the newly written application.This advisory lists 4 different vulnerabilities, one in admin console and three others in the Google python API, which allow a remote attacker to gain full code execution on the developer’s machine. These severe issues have been communicated to Google, and a fix was released last month on Sep 12, 2012 (in version 1.5.4).

Download PDF




Share your views...

1 Respones to "A Code Execution Vulnerability in Google App Engine SDK for Python"

VJ said...

nice article bro....!
I m not a pro like u but u can get me on http://hackforms.blogspot.com


October 15, 2011 at 3:30 AM

Post a Comment

 

© 2011 How to hack All Rights Reserved Learn Hacking Online hackguide4u.com