4 matches found
Flowerfire Sawmill 5.0.21 File Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1402/info Sawmill is a site statistics package for Unix, Windows and Mac OS. A specially crafted request can disclose the first line of any world readable file for which the full pathname is known, for example /etc/passwd...
CVE-2000-0588
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands...
CVE-2000-0588
SawMill 5.0.21 CGI is affected by an information disclosure vulnerability where remote, unauthenticated attackers can read the first line of arbitrary files by supplying a target file in the rfcf parameter. SawMill processes the parameter contents as configuration commands, enabling path traversa...
CVE-2000-0589
SawMill 5.0.21 is affected by a weakness in how it stores passwords, enabling an attacker to decrypt the administrative password and modify the SawMill configuration. The vulnerability stems from weak encryption/hash usage, facilitating information disclosure and potential configuration tampering...