EUVD-2010-1111

Malware in sbrugna...

EUVD-2013-4791

Malware in sbrugna...

EUVD-2000-0584

Malware in sbrugna...

CVE-2010-1079

Cross-site scripting XSS vulnerability in Sawmill before 7.2.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2005-2950

Cross-site scripting XSS vulnerability in Sawmill 7.0.0 through 7.1.13 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP GET request...

Sawmill < 7.1.14 GET Request Query String XSS

Binary data 3219.prm...

Vulnerability in Sawmill for Solaris v. 6.2.14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 = Warped Force Advisory 2 = Subject: Vulnerability in Sawmill for Solaris v. 6.2.14 Author: darky0da [email protected] Discovered: 2.8.02 Announced to BugTraq: 2.11.02 Vendor Status: Vendor notified on 2.9.02 and verified issue. Upgrade v. 6.2.15...

sawmill5.0.21 old path bug &amp; weak hash algorithm

Aleph1, Greetings, I did not see this in the archives so I figured I would forward it on. Vendor: Notified. Link: http://www.flowerfire.com/sawmill SawMill is a site log statistics package for UNIX, Windows and MacOS. I have been evaluating it under Linux. In my test configuration I have sawmill...

Sawmill Weak Password Encryption Scheme Information Disclosure

The version of Sawmill running on the remote web server is affected by an information disclosure vulnerability due to the use of a weak hash function. An unauthenticated, remote attacker can exploit this to obtain the administrative user password. %NASLMINLEVEL 70300 C Tenable Network Security,...

Flowerfire Sawmill 5.0.21 - File Access

source: https://www.securityfocus.com/bid/1402/info Sawmill is a site statistics package for Unix, Windows and Mac OS. A specially crafted request can disclose the first line of any world readable file for which the full pathname is known, for example /etc/passwd. The output of the request is...