Easy File Sharing Web Server HEAD HTTP request vulnerability

Added: 01/08/2016

Background

Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system (forum).

Problem

Easy File Sharing Web Server is vulnerable to a stack buffer overflow condition as a result of not properly validating user-supplied input when handling a HEAD HTTP request. This allows a remote attacker to potentially execute arbitrary code.

Resolution

Install a fixed version when one becomes available. Alternatively, find a different software product solution.

References

https://www.exploit-db.com/exploits/39009/

Limitations

Exploit works on Windows XP SP3.

Platforms

Windows

Back to exploit index