Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0588

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2000-0588
Last Modified 30 Jul 2013 12:00:00
Published 26 Jun 2000 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0588

Summary

SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.

Vulnerable Systems

Application

  • Flowerfire Sawmill 5.0.21

  • Sawmill 5.0.21


References

BUGTRAQ - 20000626 sawmill5.0.21 old path bug & weak hash algorithm

BID - 1402

BUGTRAQ - 20000706 Patch for Flowerfire Sawmill Vulnerabilities Available


Last Updated: 27 May 2016 10:57:38