mjocasio23

Unquote BinPath where windows service is located

Discussion created by mjocasio23 on Feb 20, 2013
Latest reply on Feb 25, 2013 by mjocasio23
While scanning our servers we noticed that the loaction of the ArcGIS License Manager executable path was detected as vulnerable by the scanner. The reason is the location name of the folder contain embedded space and is not enclosed in quotes.

windows component                                                               binPath
ArcGIS License Manager                    C:\Program Files (x86)\ArcGIS\License10.0\bin\lmgrd.exe   

Is there a patch to solve this problem.....

references

https://isc.sans.edu/diary/Help+eliminate+unquoted+path+vulnerabilities/14464

http://blakhal0.blogspot.com/2012/08/hiding-files-by-exploiting-spaces-in.html

Outcomes