Sawmill < 7.1.6 Multiple Vulnerabilities

medium Nessus Plugin ID 18507

Synopsis

An application running on the remote web server is affected by multiple vulnerabilities.

Description

According to its version number, the Sawmill application running on the remote web server is affected by multiple vulnerabilities :

- An unspecified flaw exists that allows an authenticated, remote attacker to gain administrative privileges.
(CVE-2005-1900)

- An unspecified flaw allows an authenticated, remote attacker to add an unauthorized license key.
(CVE-2005-1900)

- A cross-site scripting vulnerability exists due to improper validation of the username variable before submitting it to the Add User window. An authenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2005-1901)

- A cross-site scripting vulnerability exists due to improper validation of the license key field before submitting it to the Licensing Page. An authenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session. (CVE-2005-1901)

Solution

Upgrade to Sawmill version 7.1.6 or later.

See Also

http://www.nessus.org/u?6bd7ceaf

http://www.sawmill.net/version_history7.html

Plugin Details

Severity: Medium

ID: 18507

File Name: sawmill_priv_escalation.nasl

Version: 1.25

Type: remote

Family: CGI abuses

Published: 6/17/2005

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:sawmill:sawmill

Required KB Items: installed_sw/Sawmill

Exploit Ease: No exploit is required

Patch Publication Date: 6/2/2005

Vulnerability Publication Date: 6/2/2005

Reference Information

CVE: CVE-2005-1900, CVE-2005-1901

BID: 13864, 13866, 13868

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990