CVE-2006-1159

Name of the Vulnerable Software and Affected Versions Easy File Sharing (EFS) Web Server version 3.2

Description The issue allows remote attackers to cause a denial of service, potentially leading to a server crash, and may also enable the execution of arbitrary code. This is achieved through the use of format string specifiers in the query string argument of an HTTP GET request.

Recommendations For Easy File Sharing (EFS) Web Server version 3.2, consider restricting access to the HTTP GET request endpoint to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using format string specifiers in the query string argument. At the moment, there is no information about a newer version that contains a fix for this vulnerability.