Vulnerabilities > CVE-2002-0265 - Unspecified vulnerability in Sawmill

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
sawmill
exploit available
NVD
Published: 2002-05-29
Updated: 2016-10-18

Summary

Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file with world-writable permissions, which allows local users to gain privileges by modifying the file.

Vulnerable Configurations

Part Description Count
Application
Sawmill
16

Exploit-Db

descriptionSawmill 6.2.x AdminPassword Insecure Default Permissions Vulnerability. CVE-2002-0265 . Local exploits for multiple platform
idEDB-ID:21288
last seen2016-02-02
modified2002-02-11
published2002-02-11
reporterdarky0da
sourcehttps://www.exploit-db.com/download/21288/
titleSawmill 6.2.x AdminPassword Insecure Default Permissions Vulnerability

References