Milad Karimi 0 Posted June 4 Share Posted June 4 https://www.exploit-db.com/exploits/51964 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted June 4 Administrators Share Posted June 4 This is a 1-year old bug. The latest version is v17.1 which has it already fixed. Aryeh Goretsky 1 Link to comment Share on other sites More sharing options...
Milad Karimi 0 Posted June 4 Author Share Posted June 4 https://packetstormsecurity.com/files/178294/ESET-NOD32-Antivirus-17.1.11.0-Unquoted-Service-Path.html Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted June 4 Administrators Share Posted June 4 All paths to services are quoted in ESET v17.1+: "C:\Program Files\ESET\ESET Security\efwd.exe" "C:\Program Files\ESET\ESET Security\ekrn.exe" Aryeh Goretsky 1 Link to comment Share on other sites More sharing options...
Milad Karimi 0 Posted June 4 Author Share Posted June 4 9 minutes ago, Marcos said: این یک باگ 1 ساله است. آخرین نسخه v17.1 است که قبلاً رفع شده است. No, I discovered this vulnerability in the latest version Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted June 4 Administrators Share Posted June 4 Just now, Milad Karimi said: No, I discovered this vulnerability in the latest version There is no such issue with v17.1.11. Link to comment Share on other sites More sharing options...
Milad Karimi 0 Posted June 4 Author Share Posted June 4 You can prove it does not exist? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted June 4 Administrators Share Posted June 4 In your screenshot the path is quoted so the vulnerability doesn't exist. Link to comment Share on other sites More sharing options...
Milad Karimi 0 Posted June 4 Author Share Posted June 4 You know something about Unquoted Service Path vulnerability or you don't have enough knowledge Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,306 Posted June 4 Administrators Solution Share Posted June 4 The Unquoted Service Path vulnerability in Windows occurs when services are installed using paths containing spaces without proper quotation marks. If attackers obtain write permissions in the service's installation directory, they can execute malicious code with elevated privileges. In your screenshot it is obvious that the path is properly quoted. Aryeh Goretsky 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,306 Posted June 4 Administrators Share Posted June 4 Moreover, ESET has never used a service named "ESETServiceSvc" with display name "ESET Updater". Link to comment Share on other sites More sharing options...
Recommended Posts