Vulnerability Description
Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, which accesses the alternate data stream.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Efs Software | Efs Web Server | 4.0 |
References
- http://secunia.com/advisories/22602Vendor Advisory
- http://www.securityfocus.com/bid/20823Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29925
- https://www.exploit-db.com/exploits/2690
- http://secunia.com/advisories/22602Vendor Advisory
- http://www.securityfocus.com/bid/20823Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29925
- https://www.exploit-db.com/exploits/2690
FAQ
What is CVE-2006-5714?
CVE-2006-5714 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request,...
How severe is CVE-2006-5714?
CVE-2006-5714 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5714?
Check the references section above for vendor advisories and patch information. Affected products include: Efs Software Efs Web Server.