Info

Disclosure

Aug 24, 2004

Discovery

Unknown

Dates

Exploit

Aug 24, 2004

Solution

Unknown

Description

Easy File Sharing Web Server contains a flaw that may allow a remote denial of service. The issue is triggered when a number of large HTTP requests are sent, and will result in loss of availability for the service and possibly the platform by using all available CPU resources.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

EFS Software, Inc.	Easy File Sharing Web Server	1.0
		1.2
		1.21
		1.23
		1.24
		1.25

References

Security Tracker: 1011045
Bugtraq ID: 11036
Secunia Advisory ID: 12372
ISS X-Force ID: 17110
CVE ID: 2004-1744 (see also: NVD)
Milw0rm: 423
Exploit Database: 423
Related OSVDB ID: 9174
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-08/0335.html
http://marc.theaimsgroup.com/?l=bugtraq&m=109341398102863&w=2
Generic Exploit URL: http://archives.neohapsis.com/archives/bugtraq/2004-08/att-0335/efswsdos.pl
Other Advisory URL: http://www.gulftech.org/?node=research&article_id=00045-08242004
Vendor URL: http://www.sharing-file.com

Credit

James Bercegay - securitygulftech.org - GulfTech Security Research

Direct URL: http://osvdb.org/9175

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

EFS Software, Inc.

Easy File Sharing Web Server

References

Credit