Cherokee URI Directory Traversal Vulnerability And Information Disclosure Vulnerability Network Vulnerability

Summary

Cherokee is prone to a directory-traversal vulnerability and an information- disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting the issues may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee 0.5.4 and prior versions are vulnerable.

References

http://www.alobbs.com/modules.php?op=modload&name=cherokee&file=index
http://www.securityfocus.com/archive/1/511814
https://www.securityfocus.com/bid/40831

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Tomcat Parameter Handling Denial of Service Vulnerability (Win)
CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability
bozotic HTTP server Denial of Service Vulnerability
Apache HTTP Server 'httpOnly' Cookie Information Disclosure Vulnerability
IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities

Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability

Take action and discover your vulnerabilities