[Veritas-bu] Unquoted path vulnerability
2013-05-07 16:45:20
Has anyone heard of this being a security issue before:
+++
The remote Windows host has at least one service installed that uses an
unquoted service path, which contains at least one whitespace. A local
attacker could gain elevated privileges by inserting an executable file
in the path of the affected service.
Ensure that any services that contain a space in the path enclose the
path in quotes.
Nessus found the following service with an untrusted path:
NetBackup INET Daemon : C:\Program
Files\Veritas\NetBackup\bin\bpinetd.exe
+++
_______________________________________________
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Veritas-bu] Unquoted path vulnerability,
Reynolds, Susan K. <=
|
|
|