Easy File Sharing Web Server Remote Cross-Site Scripting and Information Disclosure Vulnerabilities

 

Release Date: 31/10/2006
Severity: Moderately Critical
SecWatch Advisory: SWID1015934
Cause: Input validation error
Solution Status: Unpatched
Impact: Disclosure of system information, Cross Site Scripting
Exploit Status: None Available
Access Vector: From remote
 
Affected Software: Easy File Sharing Web Server 4.x
 
Secunia: SA22602

 

Description:

Multiple input validation vulnerabilities in Easy File Sharing Web Server have been reported, which can be exploited by remote users to conduct cross-site scripting attacks and disclose sensitive information.

1) User-supplied input passed to the "author", "content", and "title" parameters when posting a new forum thread is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script code in a user's browser session when malicious data is viewed.

2) An error exists within the handling of NTFS alternate data streams. When running on an NTFS file system, this can be exploited to disclose the content of arbitrary files in the web root by appending "::$DATA" to the request. This allows an attacker to gain knowledge of user and administrator login credentials, cryptographic keys and certificates, private messages, logfiles, and other sensitive information.

 

Affected:

Easy File Sharing Web Server version 4.0. Other versions may also be affected.

 

Solution:

There was no vendor-supplied solution at the time of entry.

Use in trusted network environments only.
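
With no vendor fix available, requests that use the stream syntax from item 2 can be flagged during access-log review or rejected by a front-end filter. The following Python sketch is an added example, not part of the original advisory or the vendor's code; it assumes Common Log Format entries, and the sample log lines, IP addresses and file names are constructed.

```python
import re
from urllib.parse import unquote

# Request line inside a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample entries (documentation IP ranges, made-up file names).
SAMPLE_LOG = [
    '192.0.2.10 - - [31/Oct/2006:10:00:01 +0000] "GET /index.htm HTTP/1.1" 200 512',
    '198.51.100.7 - - [31/Oct/2006:10:00:05 +0000] "GET /example.txt::$DATA HTTP/1.1" 200 2048',
    '198.51.100.7 - - [31/Oct/2006:10:00:09 +0000] "GET /example.txt%3a%3a%24data HTTP/1.1" 200 2048',
    '198.51.100.7 - - [31/Oct/2006:10:00:12 +0000] "GET /example.txt%253A%253A$DATA HTTP/1.1" 200 2048',
    '192.0.2.10 - - [31/Oct/2006:10:00:20 +0000] "GET /search?q=a:b HTTP/1.1" 200 300',
]


def normalise_path(target, max_rounds=3):
    """Drop query/fragment, then undo percent-encoding (also nested encoding)."""
    path = re.split(r'[?#]', target, maxsplit=1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def uses_ntfs_stream(target):
    """True if any path segment uses NTFS stream syntax such as name::$DATA."""
    # A colon is not valid inside a Windows file name, so within a path
    # segment it can only introduce a stream name and/or stream type.
    segments = re.split(r'[/\\]', normalise_path(target))
    return any(':' in segment for segment in segments)


def scan_log(lines):
    """Return (line_number, client, decoded_path) for each stream-syntax request."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if match and uses_ntfs_stream(match.group("target")):
            hits.append((number, line.split()[0], normalise_path(match.group("target"))))
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

The same `uses_ntfs_stream` check can run in a reverse proxy or request filter to refuse such requests before they reach the server.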

 

Credits:

Greg Linares

 


Related Vulnerabilities and Exploits

10 Dec 07: Easy File Sharing Web Server Multiple Remote Vulnerabilities

08 Dec 07: Easy File Sharing Web Server <= 4.5 Remote Arbitrary Fil.. (efsup.zip)