<plugin_id>233</plugin_id>
<plugin_name>Easy File Sharing Webserver 1.25 Access Control Bypass</plugin_name>
<plugin_family>HTTP</plugin_family>
<plugin_created_date>2004/09/13</plugin_created_date>
<plugin_created_name>Nico 'Triplex' Spicher</plugin_created_name>
<plugin_created_email>Triplex at IT-Helpnet dot de</plugin_created_email>
<plugin_created_web>http://triplex.it-helpnet.de/</plugin_created_web>
<plugin_created_company>http://www.it-helpnet.de/</plugin_created_company>
<plugin_updated_name>Marc Ruef</plugin_updated_name>
<plugin_updated_email>marc dot ruef at computec dot ch</plugin_updated_email>
<plugin_updated_web>http://www.computec.ch</plugin_updated_web>
<plugin_updated_company>computec.ch</plugin_updated_company>
<plugin_updated_date>2004/11/14</plugin_updated_date>
<plugin_version>2.0</plugin_version>
<plugin_changelog>Made some slight modifications and enhancements in version 1.1. Corrected the plugin structure and added the accuracy values in 1.2. Improved the pattern matching and introduced the plugin changelog in 2.0</plugin_changelog>
<plugin_protocol>tcp</plugin_protocol>
<plugin_port>80</plugin_port>
<plugin_procedure_exploit>open|send GET /disk_c HTTP/1.0\n\n|sleep|close|pattern_exists HTTP/#.# 200 *</plugin_procedure_exploit>
<plugin_exploit_accuracy>99</plugin_exploit_accuracy>
<plugin_comment>This plugin was written with the ATK-Plugin-Creator [http://triplex.it-helpnet.de].</plugin_comment>
<bug_published_name>James Bercegay</bug_published_name>
<bug_published_web>http://www.gulftech.org</bug_published_web>
<bug_published_company>GulfTech Security Research Team</bug_published_company>
<bug_published_date>2004/08/24</bug_published_date>
<bug_advisory>http://gulftech.org/?node=research&article_id=00045-08242004</bug_advisory>
<bug_affected>Easy File Sharing Webserver 1.2 and 1.25</bug_affected>
<bug_vulnerability_class>Missing Authentication</bug_vulnerability_class>
<bug_description>There is no authentication given. An attacker may be able gain elevated access.</bug_description>
<bug_solution>If the web server is not used it should be de-installed or de-activated. Install the newest patch or bugfix to solve the problem or upgrade to the latest software version which is not vulnerable anymore (http://www.sharing-file.com). Additionally limit unwanted connections and communications with firewalling.</bug_solution>
<bug_fixing_time>Approx. 20 minutes</bug_fixing_time>
<bug_exploit_availability>Yes</bug_exploit_availability>
<bug_exploit_url>http://www.securityfocus.com/bid/11034/exploit/</bug_exploit_url>
<bug_remote>Yes</bug_remote>
<bug_local>Yes</bug_local>
<bug_severity>Medium</bug_severity>
<bug_popularity>2</bug_popularity>
<bug_simplicity>8</bug_simplicity>
<bug_impact>7</bug_impact>
<bug_risk>3</bug_risk>
<source_securityfocus_bid>11034</source_securityfocus_bid>
<source_literature>Hacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X</source_literature>
<source_misc>http://www.securityfocus.com/archive/1/372840</source_misc>