When performing a Nessus security/penetration test on the server which has SLQBackupFTP installed, the scan reports a potential vulnerability with a service that contains a ‘space’ in the path.
Nessus found the following services with an untrusted path :
SQLBackupAndFTP Client Service Watchdog : C:\Program Files (x86)\SQLBackupAndFTP\SqlBak.WatchDogService.exe
SQLBackupAndFTP Client Service : C:\Program Files (x86)\SQLBackupAndFTP\SqlBak.Service.exe
Per their recommendations (found at http://www.nessus.org/u?84a4cc1c), I am passing this along to the development team so that it can be addressed in future versions.
Ensure that any services that contain a space in the path enclose the path in quotes.