Sawmill 8.x < 8.1.7.3 Arbitrary File Disclosure

high Nessus Plugin ID 50431

Synopsis

It was possible to read arbitrary files from the remote system.

Description

The version of Sawmill running on the remote host fails to properly restrict access to critical functions to an unauthorized user. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to read arbitrary files from the remote system.

Note that the version of Sawmill running on the remote host may be affected by several other vulnerabilities, including arbitrary command execution and cross-site scripting vulnerabilities; however, Nessus has not checked for them.

Solution

Upgrade to Sawmill version 8.1.7.3 or later.

See Also

https://seclists.org/bugtraq/2010/Oct/185

http://www.nessus.org/u?4af3942f

http://www.sawmill.net/version_history8.html

Plugin Details

Severity: High

ID: 50431

File Name: sawmill_8_1_7_3.nasl

Version: 1.12

Type: remote

Family: CGI abuses

Published: 11/1/2010

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/a:sawmill:sawmill

Required KB Items: installed_sw/Sawmill

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 10/11/2010

Vulnerability Publication Date: 10/21/2010

Reference Information

BID: 44292

Secunia: 41931