Easy File Sharing Web Server version 3.2 suffers from multiple vulnerabilities that could lead to system compromise.
a33505aa97f2b355e249415d1af996b6206bcf6816314844669f76bc19bb9782Easy File Sharing Web Server Multiple Vulnerablilities
Software: Easy File Sharing Web Server
Version: 3.2
Website: http://www.sharing-file.com/
Description:
Easy File Sharing Web Server is a Windows program that allows
you to host a secure peer-to-peer and web-based file sharing
system without any additional software or services.
Vulnerabilities:
1) Remote System Compromise:
A registered user can upload a malicious file to a Startup folder,
leading to system compromise after reboot.
http://192.168.1.1/disk_c/Documents%20and%20Settings/All%20Users/Start%20Menu/Programs/Startup
Exploit: not needed.
2) Denial of Service:
By sending a specifically crafted GET request, the EFS web server
will crash.
Exploit: http://192.168.1.1/?%25n
3) Cross-Site Scripting:
It is possible to insert arbitrary script code like
<script>alert(document.cookie);</script>
in "Description" field when creating a folder or uploading a file.
Tested on:
Windows 2000 SP4
Windows XP SP2
Credit:
Discovered by Revnic Vasile
revnic@gmail.com
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed