CVE-2000-0588

high

Description

SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.

References

http://www.securityfocus.com/bid/1402

http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html

Details

Source: Mitre, NVD

Published: 2000-06-26

Updated: 2013-07-30

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High