[Veritas-bu] Unquoted path vulnerability

2013-05-07 Thread Reynolds, Susan K.
Has anyone heard of this being a security issue before: +++ The remote Windows host has at least one service installed that uses an unquoted service path, which contains at least one whitespace. A local attacker could gain elevated privileges by inserting an executable file in the path of the

Re: [Veritas-bu] Unquoted path vulnerability

2013-05-07 Thread Preston, Douglas
I went through and updated all my registry entries that had C:\Program Files\ to C:\Progra~1\. This fixes the issue. I run on a 32-bit OS; on a 64-bit OS the 1 in progra~1 may be a different number. The real problem is that a person could create a folder called Program and load an executable

Re: [Veritas-bu] Unquoted path vulnerability

2013-05-07 Thread Reynolds, Susan K.
Interesting...thank you Doug. -Original Message- From: Preston, Douglas [mailto:dlpres...@lereta.com] Sent: Tuesday, May 07, 2013 4:54 PM To: Reynolds, Susan K.; 'veritas-bu@mailman.eng.auburn.edu' Subject: RE: Unquoted path vulnerability I went through and updated all my registry

Re: [Veritas-bu] Unquoted path vulnerability

2013-05-07 Thread Lightner, Jeff
Looks like this document discusses the exploit in general. http://www.tenable.com/sites/drupal.dmz.tenablesecurity.com/files/sc-report-files/Microsoft%20Windows%20Unquoted%20Service%20Path%20Enumeration.pdf It appears someone solved a similar issue as described here:

Re: [Veritas-bu] Unquoted path vulnerability

2013-05-07 Thread Reynolds, Susan K.
Thank you Jeff. -Original Message- From: Lightner, Jeff [mailto:jlight...@water.com] Sent: Tuesday, May 07, 2013 5:02 PM To: Preston, Douglas; Reynolds, Susan K.; 'veritas-bu@mailman.eng.auburn.edu' Subject: RE: Unquoted path vulnerability Looks like this document discusses the exploit

Re: [Veritas-bu] Unquoted path vulnerability

2013-05-07 Thread Brooks, Jason
We've run into this on some other servers. Double-quoting the entire path was our solution. Jason Brooks Sr. Computer Systems Engineer Longwood University 201 High St Farmville, VA 23909 mailto:brook...@longwood.edu Voice: 434-395-2034
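
An added example, not written by any poster in this thread: a Python check that flags service ImagePath values that are unquoted and contain whitespace, and produces the double-quoted form described in the last message. The service names, paths and the ProgramFiles expansion are constructed for illustration; on a real host the values come from HKLM\SYSTEM\CurrentControlSet\Services\<name>\ImagePath.

```python
import re

# Constructed ImagePath values for illustration (not taken from the thread).
SAMPLE_SERVICES = {
    "ExampleBackupSvc": r"C:\Program Files\Example Vendor\bin\agent.exe -service",
    "QuotedSvc": r'"C:\Program Files\Example Vendor\bin\agent.exe" -service',
    "NoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "ShortNameSvc": r"C:\Progra~1\Example\agent.exe",
    "EnvVarSvc": r"%ProgramFiles%\Example\agent.exe /run",
}
# Assumed variable expansion on the audited host (keys lower-cased).
SAMPLE_ENV = {"programfiles": r"C:\Program Files"}

_EXE_END = re.compile(r"\.exe(?=\s|$)", re.IGNORECASE)


def split_image_path(value):
    """Return (executable, arguments, quoted) for one ImagePath string."""
    value = value.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        if end != -1:
            return value[1:end], value[end + 1:].strip(), True
    match = _EXE_END.search(value)
    if match:
        return value[:match.end()], value[match.end():].strip(), False
    head, _, tail = value.partition(" ")  # no .exe: first token is the image
    return head, tail.strip(), False


def expand(value, env):
    """Expand %VAR% references the way REG_EXPAND_SZ values are before launch."""
    return re.sub(r"%([^%]+)%",
                  lambda m: env.get(m.group(1).lower(), m.group(0)), value)


def audit(services, env):
    """Map each flagged service name to its double-quoted ImagePath."""
    fixes = {}
    for name, image_path in services.items():
        exe, args, quoted = split_image_path(image_path)
        if not quoted and re.search(r"\s", expand(exe, env)):
            fixes[name] = f'"{exe}"' + (f" {args}" if args else "")
    return fixes


if __name__ == "__main__":
    for name, fixed in audit(SAMPLE_SERVICES, SAMPLE_ENV).items():
        print(f"{name}: unquoted path with whitespace -> {fixed}")
```

The 8.3 short-name entry is not flagged because it contains no whitespace, while the %ProgramFiles% entry is flagged because it expands to a path that does.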