You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our cyber security test team filed a bug, because of the "Unquoted service-path" to the firebird executable in registry:
Impact:
A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service.
Description:
Unquoted service paths are a older vulnerability that occurs when the path to an executable service or program (commonly uninstallers) are unquoted and contain spaces.
If we look at the path to the executable, it is specified without quotes. In this case, the execution method of Windows can be bypassed. When the path has a space in between and is not specified in quotes.
Remediation:
Ensure that any services that contain a space in the path enclose the path in quotes.
The text was updated successfully, but these errors were encountered:
Submitted by: Karsten Stock (kstock)
Our cyber security test team filed a bug, because of the "Unquoted service-path" to the firebird executable in registry:
Impact:
A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service.
Description:
Unquoted service paths are a older vulnerability that occurs when the path to an executable service or program (commonly uninstallers) are unquoted and contain spaces.
If we look at the path to the executable, it is specified without quotes. In this case, the execution method of Windows can be bypassed. When the path has a space in between and is not specified in quotes.
Remediation:
Ensure that any services that contain a space in the path enclose the path in quotes.
The text was updated successfully, but these errors were encountered: