Cherokee URI Directory Traversal Vulnerability And Information Disclosure Vulnerability Network Vulnerability

Summary

Cherokee is prone to a directory-traversal vulnerability and an information- disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting the issues may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee 0.5.4 and prior versions are vulnerable.

References

http://www.alobbs.com/modules.php?op=modload&name=cherokee&file=index
http://www.securityfocus.com/archive/1/511814
https://www.securityfocus.com/bid/40831

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache UserDir Sensitive Information Disclosure
IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities
Ecava IntegraXor Directory Traversal Vulnerability
Apache Tomcat Session Fixation Vulnerability (Windows)
GoAhead Webserver Multiple Stored Cross Site Scripting Vulnerabilities

Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability

Take action and discover your vulnerabilities