CVE-2006-5714

Name of the Vulnerable Software and Affected Versions: Easy File Sharing (EFS) Web Server version 4.0

Description: The issue allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, accessing the alternate data stream.

Recommendations: For Easy File Sharing (EFS) Web Server version 4.0, consider restricting access to sensitive files under the web root until a patch is available. As a temporary workaround, avoid using NTFS file systems or disable the ability to access alternate data streams.