CVE-2003-1297

Name of the Vulnerable Software and Affected Versions Easy File Sharing (EFS) Web Server version 1.2

Description The issue allows remote attackers to obtain sensitive information, including an SMTP account username and password hash, the server configuration, and server log files, due to insufficient access control of the option.ini file and log directory under the web root.

Recommendations For Easy File Sharing (EFS) Web Server version 1.2, consider restricting access to the option.ini file and log directory to minimize the risk of exploitation. As a temporary workaround, limit access to these sensitive files until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.