Instsvc does not add quotes to the service-path in registry [CORE6112] #6361

Open
firebird-automations opened this issue Jul 31, 2019 · 0 comments

@firebird-automations
Collaborator

Submitted by: Karsten Stock (kstock)

Our cyber security test team filed a bug because of the "Unquoted service-path" to the Firebird executable in the registry:

Impact:
A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service.

Description:
Unquoted service paths are an older vulnerability that occurs when the path to an executable service or program (commonly uninstallers) is unquoted and contains spaces.
If we look at the path to the executable, it is specified without quotes. In this case, the execution method of Windows can be bypassed when the path has a space in between and is not specified in quotes.

Remediation:
Ensure that any services that contain a space in the path enclose the path in quotes.
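
An audit of the condition this report describes, as an added example that is not part of the original issue or of Firebird's code: it flags service `ImagePath` values (stored under `HKLM\SYSTEM\CurrentControlSet\Services\<name>`) whose executable path contains a space and is not quoted, and returns the quoted form the remediation asks for. The service names and paths are constructed samples, and treating the first `.exe` followed by whitespace as the end of the executable is a heuristic assumption.

```python
import re

# Constructed sample ImagePath values; names and paths are placeholders,
# not taken from a real system or from the Firebird installer.
SAMPLE_IMAGE_PATHS = {
    "ExampleUnquoted": r"C:\Program Files\ExampleDB\bin\server.exe -s Instance",
    "ExampleQuoted": r'"C:\Program Files\Vendor\App\svc.exe" -k run',
    "ExampleNoSpace": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "ExampleDriver": r"\SystemRoot\System32\drivers\example.sys",
}

# Heuristic (assumption): the executable ends at the first ".exe" that is
# followed by whitespace or the end of the string; the rest is arguments.
_EXE = re.compile(r"^(.*?\.exe)(?=\s|$)(.*)$", re.IGNORECASE)


def split_unquoted(image_path):
    """Return (executable, arguments) for an unquoted ImagePath, or None."""
    m = _EXE.match(image_path.strip())
    return (m.group(1), m.group(2)) if m else None


def is_unquoted_with_space(image_path):
    """True when the executable path contains a space and is not quoted."""
    value = image_path.strip()
    if value.startswith('"'):
        return False  # already quoted
    parts = split_unquoted(value)
    return parts is not None and " " in parts[0]


def quoted_form(image_path):
    """Return the value with the executable path enclosed in quotes."""
    if not is_unquoted_with_space(image_path):
        return image_path
    exe, args = split_unquoted(image_path)
    return f'"{exe}"{args}'


def audit(image_paths):
    """Map each flagged service name to its corrected ImagePath."""
    return {name: quoted_form(value)
            for name, value in image_paths.items()
            if is_unquoted_with_space(value)}


if __name__ == "__main__":
    for name, fixed in audit(SAMPLE_IMAGE_PATHS).items():
        print(f"{name}: unquoted path with space; should be {fixed}")
```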
