Cherokee URI Directory Traversal Vulnerability And Information Disclosure Vulnerability Network Vulnerability

Summary

Cherokee is prone to a directory-traversal vulnerability and an information- disclosure vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting the issues may allow an attacker to obtain sensitive information that could aid in further attacks. Cherokee 0.5.4 and prior versions are vulnerable.

References

http://www.alobbs.com/modules.php?op=modload&name=cherokee&file=index
http://www.securityfocus.com/archive/1/511814
https://www.securityfocus.com/bid/40831

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Cherokee Terminal Escape Sequence in Logs Command Injection Vulnerability
IBM WebSphere Application Server IVT Cross Site Scripting Vulnerability
IBM WebSphere Application Server (WAS) Cross-site Scripting Vulnerability
IBM Rational Quality Manager and Rational Test Lab Manager Tomcat Default Account Vulnerability
Lighttpd Trailing Slash Information Disclosure Vulnerability

Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability

Take action and discover your vulnerabilities