This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.
At least one improperly configured Windows service may have a
privilege escalation vulnerability.
At least one Windows service executable with insecure permissions was
detected on the remote host. Services configured to use an executable
with weak permissions are vulnerable to privilege escalation attacks.
An unprivileged user could modify or overwrite the executable with
arbitrary code, which would be executed the next time the service is
started. Depending on the user that the service runs as, this could
result in privilege escalation.
This plugin checks if any of the following groups have permissions to
modify executable files that are started by Windows services :
- Domain Users
- Authenticated Users
See also :
Ensure the groups listed above do not have permissions to modify or
write service executables. Additionally, ensure these groups do not
have Full Control permission to any directories that contain service
Risk factor :
High / CVSS Base Score : 7.2
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now