<plugin_id>177</plugin_id>
<plugin_name>EFS Software Easy File Sharing Web Server prior 1.25 ACL bypass</plugin_name>
<plugin_family>HTTP</plugin_family>
<plugin_created_date>2004/09/08</plugin_created_date>
<plugin_created_name>Marc Ruef</plugin_created_name>
<plugin_created_email>marc dot ruef at computec dot ch</plugin_created_email>
<plugin_created_web>http://www.computec.ch</plugin_created_web>
<plugin_created_company>computec.ch</plugin_created_company>
<plugin_updated_name>Marc Ruef</plugin_updated_name>
<plugin_updated_email>marc dot ruef at computec dot ch</plugin_updated_email>
<plugin_updated_web>http://www.computec.ch</plugin_updated_web>
<plugin_updated_company>computec.ch</plugin_updated_company>
<plugin_updated_date>2004/11/14</plugin_updated_date>
<plugin_version>2.0</plugin_version>
<plugin_changelog>Corrected the fixing time value in version 1.0 (minutes instead of hours). Corrected the plugin structure and added the accuracy values in 1.2. Improved the pattern matching and introduced the plugin changelog in 2.0</plugin_changelog>
<plugin_protocol>tcp</plugin_protocol>
<plugin_port>80</plugin_port>
<plugin_procedure_exploit>open|send GET /disk_c HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# ### *Virtual Folders* OR HTTP/#.# ### *src="/vfolder.gif"* OR HTTP/#.# ### */createfolder.ghp?vfolder=*</plugin_procedure_exploit>
<plugin_exploit_accuracy>99</plugin_exploit_accuracy>
<plugin_comment>Check is inspired by the Nessus plugin.</plugin_comment>
<bug_published_name>James Bercegay </bug_published_name>
<bug_published_web>http://www.gulftech.org</bug_published_web>
<bug_published_company>GulfTech Security</bug_published_company>
<bug_published_date>2004/08/24</bug_published_date>
<bug_advisory>http://www.gulftech.org/?node=research&article_id=00045-08242004</bug_advisory>
<bug_affected>EFS Software Easy File Sharing Web Server prior 1.25</bug_affected>
<bug_not_affected>EFS Software Easy File Sharing Web Server newer than 1.25</bug_not_affected>
<bug_vulnerability_class>Directory Traversal</bug_vulnerability_class>
<bug_description>The remote host is running an Easy File Sharing Web Server. There is a bug which makes it possible to bypass the ACL restrictions. An attacker may be able to get elevated privileges and access to sensitive data.</bug_description>
<bug_solution>You should upgrade the solution when a new version is available. See http://www.sharing-file.com for more details. Also limit unwanted connections and communications with firewalling if possible.</bug_solution>
<bug_fixing_time>Approx. 30 minutes</bug_fixing_time>
<bug_exploit_availability>Yes</bug_exploit_availability>
<bug_exploit_url>http://www.nessus.org</bug_exploit_url>
<bug_remote>Yes</bug_remote>
<bug_local>Yes</bug_local>
<bug_severity>Medium</bug_severity>
<bug_popularity>5</bug_popularity>
<bug_simplicity>7</bug_simplicity>
<bug_impact>7</bug_impact>
<bug_risk>6</bug_risk>
<bug_nessus_risk>Medium</bug_nessus_risk>
<bug_check_tool>Nessus is able to do the same check.</bug_check_tool>
<source_securityfocus_bid>11034</source_securityfocus_bid>
<source_nessus_id>14375</source_nessus_id>
<source_literature>Hacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427</source_literature>
<source_misc>http://www.securityfocus.com/archive/1/372840</source_misc>