Cherokee Directory Traversal Vulnerability Network Vulnerability

Summary

Cherokee is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee 0.5.4 and prior versions are vulnerable.

References

http://freetexthost.com/ncyss3plli
http://www.alobbs.com/modules.php?op=modload&name=cherokee&file=index
http://www.securityfocus.com/bid/36874

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3902
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Lil' HTTP Server Cross Site Scripting Vulnerability
Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability
JBoss Enterprise Application Platform Multiple Vulnerabilities
Apache Tomcat Multiple Vulnerabilities January 2010
Jetty Cross Site Scripting and Information Disclosure Vulnerabilities

Take action and discover your vulnerabilities