Re: [Veritas-bu] Unquoted path vulnerability
2013-05-07 16:54:01
I went through and updated all my registry entries that had
C:\Program Files\ to C:\Progra~1\
This fixes the issue. I run on a 32-bit OS; on a 64-bit OS the 1 in progra~1
may be a different number.
The real problem is that a person could create a folder called Program and
load an executable called Fileswhatever in there, and the path of the service
not being quoted may look in c:\Program\ instead of "c:\Program Files\".
Doug Preston
-----Original Message-----
From: veritas-bu-bounces AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-bounces AT mailman.eng.auburn DOT edu] On Behalf Of Reynolds,
Susan K.
Sent: Tuesday, May 07, 2013 1:45 PM
To: veritas-bu AT mailman.eng.auburn DOT edu
Subject: [Veritas-bu] Unquoted path vulnerability
Has anyone heard of this being a security issue before:
+++
The remote Windows host has at least one service installed that uses an
unquoted service path, which contains at least one whitespace. A local
attacker could gain elevated privileges by inserting an executable file in
the path of the affected service.
Ensure that any services that contain a space in the path enclose the path
in quotes.
Nessus found the following service with an untrusted path:
NetBackup INET Daemon : C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe
+++
_______________________________________________
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
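The check the Nessus finding describes can be run over a list of service ImagePath values to find every unquoted path with whitespace and produce the quoted replacement. This is an added example, not part of the thread or of NetBackup; apart from the bpinetd.exe path quoted above, the service names, paths and the ENV mapping are constructed, and treating the first ".exe" as the end of the executable is a heuristic assumption.

```python
import re

# Heuristic (assumption): the executable ends at the first ".exe" that is
# followed by whitespace or end of string; anything after it is arguments.
_EXE_END = re.compile(r"\.exe(?=\s|$)", re.IGNORECASE)

def expand(path, env):
    """Expand %VAR% references (REG_EXPAND_SZ values) from a supplied mapping."""
    return re.sub(r"%([^%]+)%",
                  lambda m: env.get(m.group(1).upper(), m.group(0)), path)

def audit_image_path(image_path, env=None):
    """Return (vulnerable, suggested_value) for one service ImagePath."""
    raw = image_path.strip()
    if raw.startswith('"'):
        return False, raw                  # executable path already quoted
    m = _EXE_END.search(raw)
    if not m:
        return False, raw                  # e.g. a .sys driver path: not assessed
    exe, args = raw[:m.end()], raw[m.end():]
    # Check the expanded form: %ProgramFiles% hides a space until expansion.
    if not re.search(r"\s", expand(exe, env or {})):
        return False, raw
    return True, f'"{exe}"{args}'          # quote the executable, keep arguments

def audit(services, env=None):
    """Map service name -> quoted ImagePath for every vulnerable entry."""
    findings = {}
    for name, path in services.items():
        vulnerable, fixed = audit_image_path(path, env)
        if vulnerable:
            findings[name] = fixed
    return findings

# Constructed sample data; only the first path comes from the Nessus output.
SAMPLES = {
    "NetBackup INET Daemon": r"C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe",
    "QuotedSvc": r'"C:\Program Files\Vendor\svc.exe" -run',
    "NoSpaceSvc": r"C:\Windows\system32\svchost.exe -k netsvcs",
    "EnvSvc": r"%ProgramFiles%\Vendor\agent.exe /service",
    "DriverSvc": r"\SystemRoot\System32\drivers\example.sys",
}
ENV = {"PROGRAMFILES": r"C:\Program Files"}  # constructed expansion table

if __name__ == "__main__":
    for name, fixed in audit(SAMPLES, ENV).items():
        print(f"{name}: set ImagePath to {fixed}")
```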