Custom Query (541 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:


Results (28 - 30 of 541)

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
Ticket Resolution Summary Owner Reporter
#261 fixed Startstop Service vulnerability “Unquoted Service Path Enumeration” stefan stefan
Description

Will Kohler wrote:

Hi Paul,

Once per month, the USGS scans all our internal computer systems using a product from Tenable Network Security, and our Windows PCs are getting flagged for a vulnerability in the Earthworm startstop_service module. The vulnerability is “Unquoted Service Path Enumeration”, described here:

http://www.tenable.com/sc-report-templates/microsoft-windows-unquoted-service-path-enumeration

You can see the problem by going to the Services control panel. Right-click on “Earthworm start-stop” and select Properties. Notice the “Path to executable:” isn’t enclosed in quotes. There’s a workaround described here:

http://www.commonexploits.com/?p=658

which involves editing the registry manually. Any chance we can modify startstop_service to enclose its own path in quotes?

Thanks, Will

#621 fixed localmag ipv6 can't parse waveserver traceSource stefan stefan
Description

(ipv6 code branch) localmag.d file has: traceSource waveServer ${MYIPADDRESS}:16029

but colon delimiter won't work with ipv6

#622 fixed wave_serverV can't start with IPv6 IP stefan stefan
Description

(ipv6 branch)

[earthworm@quicksilver params]$ wave_serverV wave_serverV.d 20180305_UTC_23:00:45 LoadTableEnvVariable?(): nfiles 2 ServerIPAdr name too long, max 19 [earthworm@quicksilver params]$ grep ServerIPAdr wave_serverV.d ServerIPAdr ${MYIPADDRESS} # address of machine running wave_server: geops.geophys [earthworm@quicksilver params]$ grep MYIPADDRESS earthworm_commonvars.d SetEnvVariable? MYIPADDRESS fc00::a00:27ff:feff:7100 [earthworm@quicksilver params]$

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
Note: See TracQuery for help on using queries.