Easy File Sharing Web Server multiple HTTP requests denial of service
| easyfilesharing-http-request-dos (17110) |  Low Risk |
Description:
Easy File Sharing Web Server is vulnerable to a denial of service attack. By sending multiple specially-crafted HTTP requests to the vulnerable server, a remote attacker could consume a large amount of CPU resources and cause the Web server to crash.
Platforms Affected:
- EFS Software, Easy File Sharing Web Server 1.25
Remedy:
No remedy available as of June 27, 2009.
Consequences:
Denial of Service
References:
- GulfTech Research and Development Team, Easy File Sharing Webserver v1.25 Vulnerabilities at http://www.gulftech.org/?node=research&article_id=00045-08242004.
- BID-11036: Easy File Sharing Web Server Remote Denial Of Service Vulnerability
- CVE-2004-1744: Easy File Sharing (EFS) Webserver 1.25 allows remote attackers to cause a denial of service (CPU consumption or crash) via many large HTTP requests.
- OSVDB ID: 9175: Easy File Sharing Web Server HTTP Request Saturation DoS
- SA12372: Easy File Sharing Web Server Exposure of Sensitive Information
- SECTRACK ID: 1011045: Easy File Sharing Web Server Discloses All Files on the Disk to Remote Users
Reported:
Aug 24, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net