This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.
Unquoted Service Path
After reading isc.sans.org, and following a link to this article:
http://www.commonexploits.com/?p=658
I can see that 1Password is installed as a service with a non-quoted path, which gives someone with local access to the PC the ability to create a file "C:\Program.exe" that will be executed instead of the 1Password service, when the service is started. This app will run witht he same account as the service = Local system.
This is a major risk, please fix ASAP.
[font=courier new,courier,monospace]C:\Windows\System32>wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """[/font]
[font=courier new,courier,monospace]1Password Agile1Password[/font]
[font=courier new,courier,monospace] C:\Program Files\1Password\Agile1pService.exe[/font]
[font=courier new,courier,monospace] Auto[/font]
[size=2][font=arial, helvetica, sans-serif]PS: You are not the only one with the problem. Wacom, Seagate and IBM all have the problem on this machine as well.[/font][/size]
http://www.commonexploits.com/?p=658
I can see that 1Password is installed as a service with a non-quoted path, which gives someone with local access to the PC the ability to create a file "C:\Program.exe" that will be executed instead of the 1Password service, when the service is started. This app will run witht he same account as the service = Local system.
This is a major risk, please fix ASAP.
[font=courier new,courier,monospace]C:\Windows\System32>wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """[/font]
[font=courier new,courier,monospace]1Password Agile1Password[/font]
[font=courier new,courier,monospace] C:\Program Files\1Password\Agile1pService.exe[/font]
[font=courier new,courier,monospace] Auto[/font]
[size=2][font=arial, helvetica, sans-serif]PS: You are not the only one with the problem. Wacom, Seagate and IBM all have the problem on this machine as well.[/font][/size]
Flag
0
Comments
-
Fixed in 1.0.9.305Flag 0
-
[quote name='Stefan von Dutch' timestamp='1352451179' post='63043']
Fixed in 1.0.9.305
[/quote]
Nice to see the fast response, but that is what we are getting used to from you guys.
Putting calc.exe in a file c:\Program.exe will cause lots of problems on Windows, as there are un-quoted paths everywhere. Conclusion is, that if a user can write in C:\ he can always run anything as local system. I he creates C:\documents.exe he will most likely be able to run apps as other users trying to launch stuff from thir Documents and settings folder. An old well-known Windows bug - But MS will not fix. They are afraid to break too much code. Win95 compatibility must be maintained at all costs.Flag 0
