| VID |
21943 |
| Severity |
40 |
| Port |
8987, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Sawmill program is vulnerable to multiple vulnerabilities which exist in versions prior to 7.1.6. Sawmill is a site statistics package for Unix, Windows and Mac OS. Sawmill version 7.1.5 and earlier versions is vulnerable to multiple vulnerabilities, which can be exploited by a remote attacker to conduct cross-site scripting attacks and bypass certain security restrictions.
1) An unspecified error can be exploited to get administrative access.
2) An unspecified error can be exploited to add a license without being authenticated.
3) Input passed to the username in the "Add User" window and the license key in the licensing page isn't properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in an administrator's browser session in context of a vulnerable site.
* Note: This check solely relied on the banner of Sawmill program on the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://www.networksecurity.fi/advisories/sawmill-admin.html
http://secunia.com/advisories/15499/
* Platforms Affected:
Flowerfire, Sawmill version 7.1.5 and earlier versions
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Sawmill (7.1.6 or later), available from the Sawmill Download Web site at http://www.sawmill.net/us_downloads.html |
| Related URL |
CVE-2005-1900,CVE-2005-1901 (CVE) |
| Related URL |
13864,13866,13868 (SecurityFocus) |
| Related URL |
20879,20880,20881 (ISS) |
|
