VID |
12086 |
Severity |
40 |
Port |
80, ... |
Protocol |
TCP |
Class |
WWW |
Detailed Description |
Easy File Sharing Web Server is file sharing software for Microsoft Windows platforms that allows visitors to upload and download files through a web browser (IE, Mozilla, Netscape etc.). Version 3.2, and possibly other versions, contains a format string vulnerability in its logging functionality. This vulnerability could allow a remote attacker to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in the query string argument of an HTTP GET request. In addition, the application includes cross-site scripting and arbitrary file-upload vulnerabilities. A remote attacker could exploit these to steal cookie-based authentication credentials and to execute arbitrary code by uploading a malicious file to the Windows startup folder.
* References:
  http://www.securityfocus.com/archive/1/427158/30/0/threaded
  http://secunia.com/advisories/19178/
* Platforms Affected: Enterprise IT Planet, Easy File Sharing Web Server 3.2; Microsoft Windows, any version |
Recommendation |
Upgrade to the latest version of the Easy File Sharing Web Server (3.3 or later), available from the product's download site at http://www.sharing-file.com/download.htm |
Related URL |
CVE-2006-1159, CVE-2006-1160, CVE-2006-1161 (CVE) |
Related URL |
17046 (SecurityFocus) |
Related URL |
25135, 25136 (ISS) |