CVE-2014-3791
published 2014-05-20CVE-2014-3791: Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID…
PriorityP268critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
76.20%
99.5th percentile
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| efssoft | easy_file_sharing_web_server | — | — |
| sharing-file | easy_file_sharing_web_server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- ·The exploit and shellcode were tested specifically against the English version of Windows XP Professional SP2 and SP3; behavior on other OS versions or locales is not confirmed. ↗
- ·The CALL ESI gadget used to redirect execution is located at the static address 0x10023701; this address is specific to the EFS Web Server 6.8 binary and may differ across versions. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rxxg-6hh6-9xv2: Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6
ghsa_unreviewed·2022-05-17
CVE-2014-3791 [HIGH] CWE-119 GHSA-rxxg-6hh6-9xv2: Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.
GHSA
GHSA-jj5c-3p3h-pxwp: Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7
ghsa_unreviewed·2022-05-13·CVSS 10.0
CVE-2018-9059 [CRITICAL] CWE-119 GHSA-jj5c-3p3h-pxwp: Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791.
No detection rules found.
Exploit-DB
Easy File Sharing Web Server 6.8 - Remote Stack Buffer Overflow
exploitdb·2014-05-14
CVE-2014-3791 Easy File Sharing Web Server 6.8 - Remote Stack Buffer Overflow
Easy File Sharing Web Server 6.8 - Remote Stack Buffer Overflow
---
# Exploit Title: Easy File Sharing Web Server 6.8 stack buffer overflow
# Date: 10 May 2014
# Exploit Author: superkojiman - http://www.techorganic.com
# Vendor Homepage: http://www.efssoft.com
# Software Link: http://www.sharing-file.com/efssetup.exe
# Version: 6.8
# Tested on: English version of Windows XP Professional SP2 and SP3
#
# Description:
# By setting UserID in the cookie to a long string, we can overwrite EDX which
# allows us to control execution flow when the following instruction is
# executed:
#
# 0x0045C8C2: CALL DWORD PTR DS:[EDX+28]
#
# We can point EDX+28 to a location in the stack containing a pointer to
# instructions we want to execute. This pointer can be placed at 0x01??6969.
# Under Windows XP P
Metasploit
Easy File Management Web Server Stack Buffer Overflow
metasploit
Easy File Management Web Server Stack Buffer Overflow
Easy File Management Web Server Stack Buffer Overflow
Easy File Management Web Server v4.0 and v5.3 contains a stack buffer overflow condition that is triggered as user-supplied input is not properly validated when handling the UserID cookie. This may allow a remote attacker to execute arbitrary code.
No writeups or analysis indexed.
http://blog.techorganic.com/2014/05/14/from-fuzzing-to-0-dayhttp://osvdb.org/show/osvdb/106965http://packetstormsecurity.com/files/126614/Easy-File-Sharing-Web-Server-6.8-Buffer-Overflow.htmlhttp://www.exploit-db.com/exploits/33352http://www.securityfocus.com/bid/67406http://blog.techorganic.com/2014/05/14/from-fuzzing-to-0-dayhttp://osvdb.org/show/osvdb/106965http://packetstormsecurity.com/files/126614/Easy-File-Sharing-Web-Server-6.8-Buffer-Overflow.htmlhttp://www.exploit-db.com/exploits/33352http://www.securityfocus.com/bid/67406
2014-05-20
Published