Re: [Veritas-bu] Unquoted path vulnerability
2013-05-07 17:00:04
Interesting...thank you Doug.
-----Original Message-----
From: Preston, Douglas [mailto:dlpreston AT lereta DOT com]
Sent: Tuesday, May 07, 2013 4:54 PM
To: Reynolds, Susan K.; 'veritas-bu AT mailman.eng.auburn DOT edu'
Subject: RE: Unquoted path vulnerability
I went through and updated all my registry entries that had C:\Program Files\ to C:\Progra~1\
This fixes the issue. I run on a 32-bit OS; on a 64-bit OS the 1 in progra~1 may be a different number.
The real problem is that a person could create a folder called Program and load an executable called Fileswhatever in there and the path of the service not being quoted may look in c:\Program\ instead of "c:\Program Files\"
Doug Preston
-----Original Message-----
From: veritas-bu-bounces AT mailman.eng.auburn DOT edu [mailto:veritas-bu-bounces AT mailman.eng.auburn DOT edu] On Behalf Of Reynolds, Susan K.
Sent: Tuesday, May 07, 2013 1:45 PM
To: veritas-bu AT mailman.eng.auburn DOT edu
Subject: [Veritas-bu] Unquoted path vulnerability
Has anyone heard of this being a security issue before:
+++
The remote Windows host has at least one service installed that uses an unquoted service path, which contains at least one whitespace. A local attacker could gain elevated privileges by inserting an executable file in the path of the affected service.
Ensure that any services that contain a space in the path enclose the path in quotes.
Nessus found the following service with an untrusted path:
NetBackup INET Daemon : C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe
+++
_______________________________________________
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
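An audit sketch for the finding discussed in this thread, added here as an example (not code from the list posters, Nessus or NetBackup): it flags service ImagePath values that contain a space and are not quoted, lists the shorter paths Windows would try before the real one, and prints the quoted form the Nessus text asks for. The function name `Get-UnquotedPathFinding` and every sample value except the reported bpinetd.exe path are assumptions constructed for illustration.

```powershell
# Added example. All sample values are constructed except the bpinetd.exe
# path, which is the one Nessus reported in the thread above.
function Get-UnquotedPathFinding {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$ImagePath
    )
    $path = $ImagePath.Trim()
    # Quoted values and driver-style paths (\SystemRoot\..., \??\...) are not ambiguous.
    if ($path.StartsWith('"') -or $path.StartsWith('\')) { return }

    # Split the executable (up to the first ".exe") from any arguments.
    $m = [regex]::Match($path, '^(.*?\.exe)(\s.*)?$', 'IgnoreCase')
    if (-not $m.Success) { return }
    $exe  = $m.Groups[1].Value
    $rest = $m.Groups[2].Value
    if ($exe -notmatch ' ') { return }   # no space in the path itself

    # Windows resolves an unquoted command line by trying each
    # space-delimited prefix (with .exe appended) before the full path.
    $parts = $exe -split ' '
    $triedFirst = for ($i = 1; $i -lt $parts.Count; $i++) {
        ($parts[0..($i - 1)] -join ' ') + '.exe'
    }

    [pscustomobject]@{
        Service    = $Name
        ImagePath  = $ImagePath
        TriedFirst = @($triedFirst)
        Quoted     = '"' + $exe + '"' + $rest
    }
}

# Constructed sample input (service name -> ImagePath).
$samples = [ordered]@{
    'NetBackup INET Daemon' = 'C:\Program Files\Veritas\NetBackup\bin\bpinetd.exe'
    'ExampleQuoted'         = '"C:\Program Files\Example\svc.exe" -run'
    'ExampleNoSpace'        = 'C:\Windows\System32\svchost.exe -k netsvcs'
    'ExampleWithArgs'       = 'C:\Program Files\Example App\agent.exe --service'
}
$samples.GetEnumerator() |
    ForEach-Object { Get-UnquotedPathFinding -Name $_.Key -ImagePath $_.Value } |
    Format-List

# Read-only check of a live host:
# Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\*' | Where-Object ImagePath |
#   ForEach-Object { Get-UnquotedPathFinding -Name $_.PSChildName -ImagePath $_.ImagePath }
```

Only the first and last samples are reported; the quoted value and the path without a space produce no output. The script changes nothing, so the `Quoted` string is a proposed ImagePath for an administrator to review and apply.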