PT-2012-5961 · ActiveState · ActivePython

Published: 2012-10-11 · Updated: 2025-01-16 · CVE-2012-5379

CVSS v3.1: 7.3
Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:

ActivePython version 3.2.2.3

Description:

The installation functionality in ActivePython has an untrusted search path vulnerability. This might allow local users to gain privileges via a Trojan horse DLL in the C:\Python27 or C:\Python27\Scripts directory, which may be added to the PATH system environment variable by an administrator. This issue is demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in various Windows versions.

Recommendations:

For ActivePython version 3.2.2.3, consider disabling the installation functionality in the top-level C: directory to minimize the risk of exploitation. Restrict access to the C:\Python27 and C:\Python27\Scripts directories so that a Trojan horse DLL cannot be planted in a directory that is on the PATH system environment variable. As a temporary workaround, avoid using the `wlbsctrl.dll` file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
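The condition that makes this class of bug exploitable is a PATH entry that low-privileged users can write to, so the practical check an administrator wants is "which directories on PATH grant write access to Users, Everyone or Authenticated Users?". The script below is an added example, not part of this advisory or of ActiveState's code: it reads the PATH of the current process, runs the standard `icacls` tool on each entry and flags entries whose ACL grants a write-capable right to a broad group. The `icacls` runner is injectable so the parsing logic can be exercised with recorded output; the sample output used in the module docstring is constructed to match the usual `icacls` layout.

```python
"""Find directories on the Windows PATH that a standard user can write to.

Added example (not the advisory's or ActiveState's code). It reads the PATH
of the current process, runs `icacls` on each entry and reports entries whose
ACL grants a write-capable right to a broad principal. Deny ACEs are skipped,
so a deny that overrides an earlier allow is not modelled.

Constructed sample of what `icacls C:\\Python27` prints on a misconfigured box:

    C:\\Python27 BUILTIN\\Users:(OI)(CI)(F)
                BUILTIN\\Administrators:(I)(OI)(CI)(F)
                NT AUTHORITY\\SYSTEM:(I)(OI)(CI)(F)

    Successfully processed 1 files; Failed processing 0 files
"""
import os
import subprocess
import sys

# Principals that any interactive standard user is a member of.
BROAD_PRINCIPALS = {
    "Everyone",
    "BUILTIN\\Users",
    "NT AUTHORITY\\Authenticated Users",
    "NT AUTHORITY\\INTERACTIVE",
}
# icacls rights that let a principal create, replace or delete files.
WRITE_RIGHTS = {"F", "M", "W", "D", "WD", "AD", "DC", "WDAC", "WO"}
# icacls inheritance / flag tokens that are not access rights.
FLAG_TOKENS = {"OI", "CI", "IO", "NP", "I", "DENY"}


def parse_icacls(output, directory):
    """Parse `icacls <directory>` output into [(principal, set_of_rights), ...].

    icacls prefixes the first ACE with the directory path and indents the rest;
    the trailing summary line carries no ACE and is skipped.
    """
    aces = []
    for line in output.splitlines():
        line = line.strip()
        if line.startswith(directory):
            line = line[len(directory):].strip()
        if ":(" not in line:
            continue
        principal, _, perms = line.partition(":(")
        tokens = ("(" + perms).replace("(", " ").replace(")", " ").split()
        if "DENY" in tokens:
            continue  # deny ACEs never grant write access
        rights = set()
        for tok in tokens:
            if tok not in FLAG_TOKENS:
                rights.update(tok.split(","))  # specific rights are comma-joined
        aces.append((principal, rights))
    return aces


def broad_writers(aces):
    """Return the broad principals that hold a write-capable right."""
    return sorted({p for p, rights in aces
                   if p in BROAD_PRINCIPALS and rights & WRITE_RIGHTS})


def run_icacls(directory):
    """Run the real icacls tool on a directory and return its text output."""
    return subprocess.run(["icacls", directory], capture_output=True,
                          text=True, check=False).stdout


def audit_path(path_value, icacls=run_icacls):
    """Map each PATH entry to the broad principals that can write into it."""
    findings = {}
    for entry in path_value.split(";"):  # Windows PATH separator
        entry = entry.strip().rstrip("\\")
        if not entry:
            continue
        writers = broad_writers(parse_icacls(icacls(entry), entry))
        if writers:
            findings[entry] = writers
    return findings


if __name__ == "__main__":
    if sys.platform != "win32":
        sys.exit("run this on Windows; icacls is a Windows tool")
    for entry, writers in audit_path(os.environ.get("PATH", "")).items():
        print(f"{entry}: writable by {', '.join(writers)}")
```

Any entry the script prints is a directory where a file dropped by a standard user would be found by PATH-based DLL and executable lookup; the fix is the one the advisory gives, tightening the ACL so only administrators can write there. Note that this audits the PATH of the process it runs in; the machine-wide value an administrator edits lives in the system environment and may differ from a user's merged PATH.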

Exploit

Related Identifiers

CVE-2012-5379

Affected Products

ActivePython