Sophos Firewall

Discussions STAS is affected by the Microsoft Windows Unquoted Path Vulnerability

Sophos Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 1 reply
Subscribers 27 subscribers
Views 948 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

STAS is affected by the Microsoft Windows Unquoted Path Vulnerability

Jelle over 6 years ago

I just found out using the OpenVAS scanner that STAS is affected by the Microsoft Windows Unquoted Path Vulnerability Windows. Uninstall registry entries and services using an unquoted path containing at least one whitespace allow a local attacker with low privileges and write permissions to place a malicious executable.

DisplayName|Name|PathName
Sophos Transparent Authentication Suite|STAS|C:\Program Files (x86)\Sophos\Sophos Transparent Authentication Suite\stas.exe

Hopefully this is fixed soon.

This thread was automatically locked due to age.

0 LuCar Toni over 6 years ago

Would suggest to open a Support Case.
Cancel
Vote Up 0 Vote Down

Cancel