{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2000-06-26T04:00:00.000Z", "descriptions": [{"lang": "en", "value": "SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-11-02T15:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20000706 Patch for Flowerfire Sawmill Vulnerabilities Available", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html"}, {"name": "20000626 sawmill5.0.21 old path bug & weak hash algorithm", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html"}, {"name": "1402", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/1402"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2000-0588", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20000706 Patch for Flowerfire Sawmill Vulnerabilities Available", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html"}, {"name": "20000626 sawmill5.0.21 old path bug & weak hash algorithm", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html"}, {"name": "1402", "refsource": "BID", "url": "http://www.securityfocus.com/bid/1402"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T05:21:31.286Z"}, "title": "CVE Program Container", "references": [{"name": "20000706 Patch for Flowerfire Sawmill Vulnerabilities Available", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html"}, {"name": "20000626 sawmill5.0.21 old path bug & weak hash algorithm", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html"}, {"name": "1402", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/1402"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2000-0588", "datePublished": "2000-10-13T08:00:00.000Z", "dateReserved": "2000-07-19T04:00:00.000Z", "dateUpdated": "2024-08-08T05:21:31.286Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sawmill:sawmill:5.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "4673D2AA-E1BE-4809-94BE-7C6951E9D2D4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands."}], "id": "CVE-2000-0588", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2000-06-26T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html"}, {"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/1402"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/1402"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}