Sawmill: Privilege-escalation and Code-execution Vulnerabilities

Users of Sawmill please be advised of a Privilege-escalation and Code-execution Vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (

20101021-0: Sawmill Privilege-escalation and Code-execution
product: Sawmill – Universal Log File Analysis
Vulnerability overview/description:


Sawmill suffers from multiple critical vulnerabilities which allow an

_unauthenticated_ attacker to gain administrative rights. Furthermore

it is possible to access (RW) the file system and execute arbitrary

commands on the operating system without authentication.
Attackers with valid accounts are able to reset the root password or

add/delete log profiles, view and manipulate admin settings etc.

It must be noted that further vulnerabilities are to be expected

within the software (such as buffer overflows, etc.). Due to lack of

time no further vulnerabilities could be searched.