1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Rejetto HttpFileServer CVE-2014-6287

Web Attack: Rejetto HttpFileServer CVE-2014-6287

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts of leveraging a vulnerability in HTTP File Server which could lead to remote command-execution.

Additional Information

HTTP File Server is designed for file transfer.

HTTP File Server is prone to a remote command-execution vulnerability because it fails to properly handle null-byte. Specifically, this issue occurs in the 'ParserLib.pas' file.

An attacker can execute arbitrary commands with the privileges of the affected application.

Affected

  • HTTP File Server 2.3.x is vulnerable; other versions may also be affected.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube