Unquoted Service Path Vulnerability on Windows

Started by CemOnder, September 03, 2021, 03:14:23 PM

Previous topic - Next topic

CemOnder

This vulnerability has been addressed by SBT.  Please refer to the following information below to make necessary Ranger updates to prevent this vulnerability on workstations:

1. SBTLogServiceWindows is already a deprecated service. No Ranger Core installer newer than 4.5.x.x should install this service.This Service path will linger even after uninstalling the old plugins, but you can safely delete this service path (without affecting SBTLogService)

2. All other Services Ranger installs have also been certified for quoted paths starting from Ranger Core 4.8.1.6-X.X.X.X. Ranger Core before 4.8.1.6 might install SBT Log Service with an unquoted path.

3. Ranger Remote Service installers starting from 2.2.1.7 will also not install any services with an unquoted path


You can read more about this vulnerability here:
https://medium.com/@harshaunsingh/windows-privileged-escalation-manual-and-using-metasploit-framework-ch-1-fd5f31a7db86