Opened 11 years ago

Closed 11 years ago

#3981 closed Bug report (fixed)

Security Hole: rights escalation (ImagePath)

Reported by: George Shuklin
Owned by:
Priority: normal
Component: FileZilla Server
Keywords:
Cc:
Component version:
Operating system type: Windows
Operating system version: Windows XP, Windows 2003

Description

By default, FileZilla Server registers as a service:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FileZilla Server\ImagePath = C:\Program Files\FileZilla Server\FileZilla Server.exe

but due to Windows .. a.. behavior, if the ImagePath value is created without quotation marks (e.g. "C:\Program Files\FileZilla Server\FileZilla Server.exe"), c:\program.exe will be run first (if it exists). By default, Windows XP and 2003 allow a user (non-administrator) to create files in the root of "c:\". By putting a program.exe file in c:\, a user could escalate rights.

Solution: in the installation process, add the ImagePath with quotation marks.
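
An added example, not part of the original ticket and not FileZilla's code: a Python audit that checks service ImagePath values for the unquoted-path condition described above and produces the quoted value the ticket proposes as the fix. Every sample entry except the FileZilla Server value is constructed, and treating the first `.exe` followed by whitespace as the end of the executable is an assumption of this example.

```python
import ntpath
import re

# Heuristic (assumption): the executable ends at the first ".exe"
# that is followed by whitespace or the end of the value.
_EXE_END = re.compile(r"\.exe(?=\s|$)", re.IGNORECASE)

def audit_image_path(image_path):
    """Return None if the value is fine, else a dict describing the finding."""
    value = image_path.strip()
    if value.startswith('"'):
        return None                      # already quoted
    match = _EXE_END.search(value)
    if match is None:
        return None                      # not an .exe command line (e.g. a driver path)
    exe, args = value[:match.end()], value[match.end():]
    space = exe.find(" ")
    if space == -1:
        return None                      # no space inside the executable path
    prefix = exe[:space]
    # Windows appends ".exe" only when the truncated name has no extension.
    if not ntpath.splitext(prefix)[1]:
        prefix += ".exe"
    return {
        "executable": exe,
        "tried_first": prefix,           # file that must not exist or be user-writable
        "fixed": '"' + exe + '"' + args, # value the installer should write instead
    }

# Constructed sample data; only the first value comes from the ticket.
SAMPLE_SERVICES = {
    "FileZilla Server": r"C:\Program Files\FileZilla Server\FileZilla Server.exe",
    "QuotedSvc": r'"C:\Program Files\Example\svc.exe" -run',
    "NoSpaceSvc": r"C:\Windows\system32\svchost.exe -k netsvcs",
    "ArgsSvc": r"C:\Program Files\Example\agent.exe --service",
}

def audit_services(services):
    """Map service name -> finding for every unquoted path containing a space."""
    findings = {}
    for name, path in services.items():
        finding = audit_image_path(path)
        if finding is not None:
            findings[name] = finding
    return findings

if __name__ == "__main__":
    for name, finding in audit_services(SAMPLE_SERVICES).items():
        print(name, "->", finding["fixed"], "(tried first:", finding["tried_first"] + ")")
```

On a live system the same function can be fed the ImagePath values read from `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services`.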

Change History (1)

comment:1 Changed 11 years ago by Tim Kosse

Resolution: fixed
Status: new → closed

Thanks for spotting and reporting this issue. I'll release a fixed version soon.
