Windows Unquoted Service Path Enumeration
Bug #1378074 reported by nerijus
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OCS Inventory: Windows Agent | Fix Released | Undecided | Unassigned | | |
Bug Description
Nessus security scanner reports the following:
"The remote Windows host has at least one service installed that uses an unquoted service path, which contains at least one whitespace. A local attacker could gain elevated privileges by inserting an executable file in the path of the affected service.
Solution
Ensure that any services that contain a space in the path enclose the path in quotes.
Nessus found the following service with an untrusted path :
OCS Inventory Service : C:\Program Files (x86)\OCS Inventory Agent\OcsServic
It would be nice if the installer created the service with a quoted path.
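A read-only audit for the condition Nessus describes above, as an added example that is not part of the original report or of OCS Inventory: it lists services whose ImagePath has whitespace in an unquoted executable path and shows the quoted form the solution asks for. The function name, the `.exe`-based split between executable and arguments, and the sample values are assumptions made for this example.

```powershell
# Added example (not OCS Inventory code): report services with unquoted paths.
# Nothing is written to the registry.

function Get-QuotedImagePath {
    param([string]$ImagePath)
    # Already quoted: nothing to report.
    if ($ImagePath -match '^\s*"') { return $null }
    # Assumption: the executable is the shortest prefix ending in ".exe" that is
    # followed by whitespace or end of string; the remainder is the argument list.
    if ($ImagePath -notmatch '^(?<exe>.+?\.exe)(?<args>\s.*)?$') { return $null }
    # Copy the captures now: the next -match/-notmatch overwrites $Matches.
    $exe  = $Matches['exe']
    $rest = $Matches['args']
    # No whitespace in the executable path: the unquoted form is unambiguous.
    if ($exe -notmatch '\s') { return $null }
    return '"' + $exe + '"' + $rest
}

# Constructed sample values (not taken from the report):
# 1st is flagged, 2nd is already quoted, 3rd has no whitespace in the path.
$samples = @(
    'C:\Program Files\Example Vendor\agent.exe -run'
    '"C:\Program Files\Example Vendor\agent.exe" -run'
    'C:\Windows\system32\svchost.exe -k netsvcs'
)
foreach ($s in $samples) {
    $p = Get-QuotedImagePath -ImagePath $s
    if ($p) { "FLAG  $s  ->  $p" } else { "ok    $s" }
}

# Live audit of the local machine. GetValue() expands REG_EXPAND_SZ variables,
# so a path such as %ProgramFiles%\... is checked in its expanded form.
$root = 'HKLM:\SYSTEM\CurrentControlSet\Services'
Get-ChildItem -Path $root -ErrorAction SilentlyContinue | ForEach-Object {
    $current = $_.GetValue('ImagePath')
    if ($current -isnot [string]) { return }
    $proposed = Get-QuotedImagePath -ImagePath $current
    if ($proposed) {
        [pscustomobject]@{
            Service  = $_.PSChildName
            Current  = $current
            Proposed = $proposed
        }
    }
}
```

The `Proposed` column shows the expanded path; when correcting a value by hand, keep any environment variables and the registry value type as they were.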
information type: | Private Security → Public |
Changed in ocsinventory-windows-agent: | |
status: | New → Fix Committed |
Changed in ocsinventory-windows-agent: | |
status: | Fix Committed → Fix Released |
I'm using a PowerShell script now to rewrite all the records in the registry. Any idea of when this easy thing can be fixed? To be a big risk as it is one of the few services in our domain containing unquoted paths.