CVE-2006-5714

Easy File Sharing EFS Web Server 4.0 - Info Disclosure

Title source: llm

Description

Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, which accesses the alternate data stream.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Greg Linares · cremotewindows

https://www.exploit-db.com/exploits/2690

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/29925

[Exploit] http://www.securityfocus.com/bid/20823

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/2690

[Vendor Advisory] http://secunia.com/advisories/22602

Scores

EPSS 0.0532

EPSS Percentile 90.1%

Details

Status published

Products (1)

efs_software/efs_web_server 4.0

Published Nov 04, 2006

Tracked Since Feb 18, 2026