Lucene search
HistoryOct 13, 2000 - 4:00 a.m.
CVE-2000-0588
cve-2000-0588
sawmill 5.0.21
remote attack
file access
configuration commands
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.015 Low
EPSS
Percentile
86.9%
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.
Affected configurations
Node
sawmillsawmillMatch5.0.21
| CPE | Name | Operator | Version |
|---|---|---|---|
| sawmill:sawmill | sawmill | eq | 5.0.21 |
Related
nvd
nvd
CVE-2000-0588
2000-06-26 04:00:00
nessus
nessus
Sawmill File Access Information Disclosure
2000-06-27 00:00:00
cvelist
cvelist
CVE-2000-0588
2000-10-13 04:00:00
threatpost
threatpost
305 CVEs and Counting: Bug-Hunting Stories From a Security Engineer
2020-10-02 14:01:02
6.7 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.015 Low
EPSS
Percentile
86.9%
Related for CVE-2000-0588