CVE-2000-0589

SawMill 5.0.21 - Weak Password Encryption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0589. PoCs published by Larry W. Cashdollar.

AI-analyzed exploit summary This exploit decrypts passwords for Sawmill admin accounts by reversing a weak hash function. It requires the ciphertext from Sawmill's password file, which can be obtained via a separate file disclosure vulnerability (CVE-2000-0589).

Description

SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Larry W. Cashdollar · clocalunix

https://www.exploit-db.com/exploits/20042

View Code ZIP pw:eip

This exploit decrypts passwords for Sawmill admin accounts by reversing a weak hash function. It requires the ciphertext from Sawmill's password file, which can be obtained via a separate file disclosure vulnerability (CVE-2000-0589).

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Sawmill (version not specified)

No auth needed

Prerequisites: Access to Sawmill's password file (via file disclosure vulnerability)

MITRE ATT&CK

T1110.001 - Password Guessing

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2000-07/0080.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1403

Patch, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2000-06/0271.html

Scores

EPSS 0.0367

EPSS Percentile 88.2%

Details

CWE

CWE-310

Status published

Products (1)

sawmill/sawmill 5.0.21

Published Jun 26, 2000

Tracked Since Feb 18, 2026