Exploitation Summary
EIP tracks 1 public exploit for CVE-2002-0265. PoCs published by darky0da.
AI-analyzed exploit summary This exploit leverages insecure default permissions on the AdminPassword file in Sawmill on Solaris, allowing a local attacker to overwrite the file with a custom password hash to bypass authentication.
Description
Sawmill for Solaris 6.2.14 and earlier creates the AdminPassword file with world-writable permissions, which allows local users to gain privileges by modifying the file.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by darky0da · textlocalmultiple
https://www.exploit-db.com/exploits/21288
This exploit leverages insecure default permissions on the AdminPassword file in Sawmill on Solaris, allowing a local attacker to overwrite the file with a custom password hash to bypass authentication.
Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:
Sawmill (Solaris)
No auth needed
Prerequisites:
Local access to the Solaris system running Sawmill · Write permissions to the AdminPassword file
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.sawmill.net/version_history.html
Exploit, Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/4077
Patch, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/8173.php
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101346206921270&w=2
Scores
EPSS
0.0079
EPSS Percentile
52.1%
Details
Status
published
Products (16)
sawmill/sawmill
6.2
sawmill/sawmill
6.2.1
sawmill/sawmill
6.2.2
sawmill/sawmill
6.2.3
sawmill/sawmill
6.2.4
sawmill/sawmill
6.2.5
sawmill/sawmill
6.2.6
sawmill/sawmill
6.2.7
sawmill/sawmill
6.2.8
sawmill/sawmill
6.2.8a
... and 6 more
Published
May 29, 2002
Tracked Since
Feb 18, 2026