|
Easy File Sharing Webserver v1.25 Vulnerabilities
|
August 24, 2004
|
|
|
Description:
Easy File Sharing Web Server is a file sharing software
that allows visitors to upload/download files easily
through a Web Browser (IE,Netscape,Opera etc.). It can help
you share files with your friends and colleagues. They can
download files from your computer or upload files from
theirs. They will not be required to install this software
or any other software because an internet browser is enough.
Easy File Sharing Web Server also provides a Bulletin Board
System (Forum). It allows remote users to post messages and
files to the forum.
Unauthorized System Access:
The authorization function used by EFS Webserver is supposed
to keep just anyone from being able to access your files. But
this is not the case and an attacker has read access to the
entire hard drive by default.
http://127.0.0.1/disk_c
This url will give an attacker read access to the entire C
drive. The issue is exploited by requesting the name of a
virtual folder on the server.
Denial of Service:
Easy File Sharing Web Server can be DoS'ed and even remotely
crashed by sending a number of large HTTP requests to the web
server. The CPU usage goes up to 99% and in some cases crash.
Proof Of Concept:
http://www.gulftech.org/downloads/?file_id=00019
Solution:
Vendor was contacted, but never replied to my emails.
Credits:
James Bercegay of the GulfTech Security Research Team.
|
|
|
