SMB Insecurely Configured Service

This script is Copyright (C) 2010-2017 Tenable Network Security, Inc.


Synopsis :

At least one insecurely configured Windows service on the remote host
is affected by a privilege escalation vulnerability.

Description :

At least one insecurely configured Windows service was detected on the
remote host. Unprivileged users can modify the properties of these
affected services, allowing an unprivileged, local attacker to execute
arbitrary code or commands as SYSTEM.

Nessus checked if any of the following groups have permissions to
modify executable files that are started by Windows services :

- Everyone
- Users
- Domain Users
- Authenticated Users

See also :

http://www.nessus.org/u?4d3bc305
https://msdn.microsoft.com/en-us/library/ms685981(VS.85).aspx

Solution :

Ensure the groups listed above do not have ChangeConf, WDac, or WOwn
permissions. Refer to the Microsoft documentation for more
information.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Windows

Nessus Plugin ID: 44676 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now