Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1433

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1433
Last Modified 05 Sep 2008 04:26:32
Published 29 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1433

Summary

Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, which could allow remote attackers to gain privileges via other vulnerabilities.

Vulnerable Systems

Application

  • Cherokee Httpd 0.1

  • Cherokee Httpd 0.1.5

  • Cherokee Httpd 0.1.6

  • Cherokee Httpd 0.2

  • Cherokee Httpd 0.2.5

  • Cherokee Httpd 0.2.6


References

CERT-VN - VU#245795

BID - 3771

XF - cherokee-http-insecure-privileges(7797)

VULNWATCH - 20011229 Remote Root Hole in Cherokee Webserver


Last Updated: 27 May 2016 10:36:40