Author kindloaf
Recipients kindloaf
Date 2009-04-20.16:42:29
SpamBayes Score 0.00990721
Marked as misclassified No
Message-id <>
The security descriptors of python binaries (like python.exe,
pythonw.exe, etc) allow any Authenticated Users to modify these
binaries.  This may cause a privilege-escalation problem since
administrators may use python binaries when performing administrative
tasks.  A normal unprivileged user may turn a python binary into a
trojan and acquire administrator's sids.

Test environment: windows vista, python 2.6
Date User Action Args
2009-04-20 16:42:31kindloafsetrecipients: + kindloaf
2009-04-20 16:42:30kindloafsetmessageid: <>
2009-04-20 16:42:29kindloaflinkissue5802 messages
2009-04-20 16:42:29kindloafcreate