CVE-2001-1432
7.8
CVSS Score
High
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Link copied!
Description
Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
None
Availability
None
Affected Software Configurations
- a cherokee cherokee_httpd 0.1 * * * * * * *
- a cherokee cherokee_httpd 0.1.5 * * * * * * *
- a cherokee cherokee_httpd 0.1.6 * * * * * * *
- a cherokee cherokee_httpd 0.2 * * * * * * *
- a cherokee cherokee_httpd 0.2.5 * * * * * * *
- a cherokee cherokee_httpd 0.2.6 * * * * * * *
- a cherokee cherokee_httpd 0.2.7 * * * * * * *
Weaknesses (CWE)
- CWE-22
References & External Links
- http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0085.html
- http://www.kb.cert.org/vuls/id/464827
- http://www.securityfocus.com/bid/3772
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7799
- http://archives.neohapsis.com/archives/vulnwatch/2001-q4/0085.html
- http://www.kb.cert.org/vuls/id/464827
- http://www.securityfocus.com/bid/3772
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7799