Advisory: File Sharing Wizard - Buffer overflow vulnerability with overwritten EAX CPU register [Update: 20.06.2010]

---------------------------------------------
File Sharing Wizard Version 1.5.0 build on 26-8-2008
- Buffer overflow vulnerability with overwritten EAX CPU register
Date: 15.06.2010
---------------------------------------------

- Description

File Sharing Wizard 1.5: This powerful file sharing software will let you easily share files with your friends or colleagues just through a web browser (IE, Mozilla, FireFox etc). Using File Sharing Wizard will turn your pc into web server in seconds.

- buffer overflow vulnerability

The vulnerability can be triggered by sending a specially crafted HTTP GET request. Payload of the attached POC overwrites the EAX register with B.

- Solution

No known solution available.

- Credits

The vulnerability was discovered by Michael Messner from Integralis
michael#dot#messner#at#integralis#dot#com

- Timeline

25.05.2010 - vulnerability discovered
25.05.2010 - contacted support team of sharing-file.net
15.06.2010 - no response from the support team
15.06.2010 - public disclosure

- Reference

Download vulnerable software
http://www.sharing-file.net/
http://www.sharing-file.net/file-sharing/download/fs-wizard-setup.exe

- Screenshot

- more Ressources:

• CVE-2010-2330
• http://www.exploit-db.com/exploits/13876/
• http://www.securityfocus.com/bid/40866
• http://xforce.iss.net/xforce/xfdb/59434
• http://packetstormsecurity.org/1006-exploits/filesharingwizard-overflow.txt
• http://secunia.com/advisories/40197
• http://www.vupen.com/english/advisories/2010/1487
• 0day Exploit on exploit-db.com from Team Hackers Garage

- POC