Easy Address Book Web Server Format String Vulnerability

2006-09-06T00:00:00
ID SECURITYVULNS:DOC:14155
Type securityvulns
Reporter Securityvulns
Modified 2006-09-06T00:00:00

Description

Easy Address Book Web Server Format String Vulnerability

Software: Easy Address Book Web Server Version: 1.2 Website: http://www.efssoft.com/

Description: Easy Address Book Web Server is a Web Address Book software that allows users to view, search, add, edit, or administer address books easily through a Web Browser.

Vulnerability: By sending a specially crafted HTTP request, a remote attacker can crash or compromise the server.

Denial of Service example: http://[host]/?%25n

Credit: Discovered by Revnic Vasile