Cherokee URI Directory Traversal Vulnerability And Information Disclosure Vulnerability Network Vulnerability

Summary

Cherokee is prone to a directory-traversal vulnerability and an information- disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting the issues may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee 0.5.4 and prior versions are vulnerable.

References

http://www.alobbs.com/modules.php?op=modload&name=cherokee&file=index
http://www.securityfocus.com/archive/1/511814
https://www.securityfocus.com/bid/40831

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

IBM WebSphere Application Multiple Vulnerabilities Jul-11
Apache HTTP Server mod_proxy_ajp Process Timeout DoS Vulnerability (Windows)
HTTP File Server Security Bypass and Denial of Service Vulnerabilities
IIS Service Pack - 404
F*EX (Frams's Fast File EXchange) Multiple XSS Vulnerabilities