Easy File Sharing Web Server GET HTTP request vulnerability

2016-08-11T00:00:00
ID SAINT:CAFE0838BA6B983F80ECC74E5CE0C8D2
Type saint
Reporter SAINT Corporation
Modified 2016-08-11T00:00:00

Description

Added: 08/11/2016

Background

Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system (forum).

Problem

Easy File Sharing Web Server is vulnerable to a stack buffer overflow condition as a result of not properly validating user-supplied input when handling a GET HTTP request. This allows a remote attacker to potentially execute arbitrary code.

Resolution

Install a fixed version when one becomes available. Alternatively, find a different software product solution.

References

<https://www.exploit-db.com/exploits/40178/>

Limitations

Exploit works on Windows 7, 8, 8.1 and 10.

Platforms

Windows