Cherokee URI Directory Traversal Vulnerability And Information Disclosure Vulnerability Network Vulnerability

Summary

Cherokee is prone to a directory-traversal vulnerability and an information- disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting the issues may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee 0.5.4 and prior versions are vulnerable.

References

http://www.alobbs.com/modules.php?op=modload&name=cherokee&file=index
http://www.securityfocus.com/archive/1/511814
https://www.securityfocus.com/bid/40831

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

LiteSpeed Web Server Source Code Information Disclosure Vulnerability
Apache HTTP Server Scoreboard Security Bypass Vulnerability (Windows)
IBM WebSphere Application Multiple Vulnerabilities Jul-11
IBM WebSphere Application Server Administration Console DoS vulnerability
HServer Webserver Multiple Directory Traversal Vulnerabilities

Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability

Take action and discover your vulnerabilities