Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1432

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2001-1432
Last Modified 05 Sep 2008 12:00:00
Published 29 Dec 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1432

Summary

Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

Vulnerable Systems

Application

  • Cherokee Httpd 0.1

  • Cherokee Httpd 0.1.5

  • Cherokee Httpd 0.1.6

  • Cherokee Httpd 0.2

  • Cherokee Httpd 0.2.5

  • Cherokee Httpd 0.2.6

  • Cherokee Httpd 0.2.7


References

CERT-VN - VU#464827

XF - cherokee-http-directory-traversal(7799)

BID - 3772

VULNWATCH - 20011229 Remote Root Hole in Cherokee Webserver


Last Updated: 27 May 2016 10:36:40