SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.
References
Configurations
History
No history.
Information
Published : 2000-06-26 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2000-0588
Mitre link : CVE-2000-0588
CVE.ORG link : CVE-2000-0588
JSON object : View
Products Affected
sawmill
- sawmill
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor