Cristhian Parrot from ON-X Groupe has let me know he has submitted CVE-2018-6384 for NSClient++ 0.3.9

This is a local privilege escalation issue which exists in 0.3.9 (and possibly older version as well) It has been fixed in 0.4.1.72 (and later).

The privilege escalation comes from the default installer installs the service without a quoted path. This means someone can create a binary named c:\program.exe and get that executed as the user of the NSClient++ service.

As this is a very old version and a fix was issued on 2012-12-18 in the form of 0.4.1.73 we will not issue a bug-fix or patch for this. Instead if you are using NSClient++ 0.3.9 please upgrade to a recent version (which has been the recommended strategy for some years now).

You can download the latest version here