PT-2006-2188 · Microsoft+1 · Windows+1

Publicado

2006-03-12

Atualizado

2018-10-18

CVE-2006-1161

CVSS v2.0

6.5

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Easy File Sharing (EFS) Web Server version 3.2

Description The issue allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder due to an absolute path traversal vulnerability.

Recommendations For Easy File Sharing (EFS) Web Server version 3.2, consider restricting file upload capabilities to prevent malicious file uploads until a patch is available. As a temporary workaround, restrict access to the Windows startup folder to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-1161

Produtos afetados

Easy File Sharing Web Server

Windows

PT-2006-2188 · Microsoft+1 · Windows+1

CVE-2006-1161

Identificadores relacionados

Produtos afetados

Referências · 7