Opened 16 years ago
Closed 16 years ago
#3981 closed Bug report (fixed)
Security Hole: rights escalation (ImagePath)
| Reported by: | George Shuklin | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | FileZilla Server |
| Keywords: | | Cc: | |
| Component version: | | Operating system type: | Windows |
| Operating system version: | Windows XP, Windows 2003 | | |
Description
By default, FileZilla Server registers as a service:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FileZilla Server\ImagePath = C:\Program Files\FileZilla Server\FileZilla Server.exe
but due to Windows .. a.. behavior, if the name in ImagePath is created without quotation marks (e.g. "C:\Program Files\FileZilla Server\FileZilla Server.exe"), c:\program.exe will be run first (if it exists). By default, Windows XP and 2003 allow a user (non-administrator) to create files in the root of "c:\". By putting a program.exe file in c:\, a user could escalate rights.
Solution: in the installation process, add an ImagePath with quotation marks.
Thanks for spotting and reporting this issue. I'll release a fixed version soon.
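
An audit check for the condition described in this ticket, as an added example that is not part of the original report or of FileZilla's code: it flags unquoted ImagePath values containing spaces and lists the earlier locations Windows would try, so their write permissions can be reviewed. The function names and the sample service table are constructed for illustration; the candidate list follows the documented CreateProcess parsing of an unquoted command line.

```python
import re

def hijack_candidates(image_path):
    """Paths Windows tries before the intended executable when the
    ImagePath is unquoted and contains spaces; [] if not affected."""
    value = image_path.strip()
    if not value or value.startswith('"'):
        return []  # quoted values are parsed unambiguously
    # The intended executable ends at the first ".exe"; arguments may follow.
    m = re.match(r'(.+?\.exe)(?=\s|$)', value, re.IGNORECASE)
    exe = m.group(1) if m else value
    candidates = []
    for i, ch in enumerate(exe):
        if ch != ' ':
            continue
        prefix = exe[:i]
        if not prefix or prefix.endswith(' '):
            continue  # skip runs of consecutive spaces
        # ".exe" is appended when the truncated name has no extension.
        if not prefix.lower().endswith('.exe'):
            prefix += '.exe'
        candidates.append(prefix)
    return candidates

def audit(services):
    """Map each affected service name to the locations to review."""
    findings = {}
    for name, image_path in services.items():
        found = hijack_candidates(image_path)
        if found:
            findings[name] = found
    return findings

def quoted(image_path):
    """Corrected ImagePath for a value that is only an executable path."""
    return '"' + image_path.strip().strip('"') + '"'

# Constructed sample values; the first is the ImagePath from the ticket.
SAMPLE_SERVICES = {
    'FileZilla Server': r'C:\Program Files\FileZilla Server\FileZilla Server.exe',
    'Quoted Service': r'"C:\Program Files\Example\Example Service.exe"',
    'Svchost Group': r'C:\Windows\system32\svchost.exe -k netsvcs',
}

if __name__ == '__main__':
    for name, paths in audit(SAMPLE_SERVICES).items():
        print(name, '-> review write access to:', paths)
        print('  corrected value:', quoted(SAMPLE_SERVICES[name]))
```

On a Windows host, the same functions can be fed the ImagePath values read from each subkey of HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services instead of the sample table.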