SynopsisPotentially dangerous PATH variables are present in the PATH of the remote host.
DescriptionPotentially dangerous PATH variables are present in the PATH of the remote host, which could lead to privilege escalation by allowing non-administrator users to write files to the PATH directory.
This plugin fires on Unix when a directory in the PATH variable is world writable or if '.' (the current directory) is present in the PATH. This plugin also fires when the scan is paranoid and one of the following is true:
1) A directory in the PATH variable is not owned by root 2) A directory in the PATH variable has a group other than root and the group can write to the directory.
This plugin fires on Windows when paranoia is enabled and when a directory in the PATH variable is writable by one of the following unprivileged identity groups: BUILTIN\Users, NT AUTHORITY\Authenticated Users, anonymous, and everyone. It fires if one of these groups has full, write-only, modify, write owner, generic write, generic all, write data/add file, or write DAC permissions on the PATH directory
SolutionEnsure that directories listed here are in line with corporate policy.
File Name: dangerous_paths.nbin
Agent: windows, macosx, unix
Supported Sensors: Nessus Agent
CVSS Score Rationale: Score from an in depth analysis done by tenable
CVSS Score Source: manual
Required KB Items: Host/PATH