Rejetto HTTP File Server (HFS) 2.2/2.3 - Arbitrary File Upload Vulnerability



source: http://www.securityfocus.com/bid/26732/info


HFS HTTP File Server is prone to a vulnerability that lets attackers upload files and place them in arbitrary locations on the server. The issue occurs because the software fails to adequately sanitize user-supplied input.

A successful exploit may allow the attacker to upload malicious files and potentially execute them; this may lead to various attacks.

This issue affects versions prior to HTTP File Server 2.2b.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30850.zip